9.3
CVE-2006-5581
- EPSS 35.54%
- Veröffentlicht 12.12.2006 20:28:00
- Zuletzt bearbeitet 16.06.2026 22:31:28
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Internet Explorer Version <= 6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 35.54% | 0.983 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://www.securityfocus.com/archive/1/454969/100/200/threaded
http://www.us-cert.gov/cas/techalerts/TA06-346A.html
http://secunia.com/advisories/23288
http://www.vupen.com/english/advisories/2006/4966
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-072
http://securitytracker.com/id?1017373
http://www.kb.cert.org/vuls/id/347448
http://www.osvdb.org/30814
http://www.securityfocus.com/archive/1/454210/100/0/threaded
http://www.securityfocus.com/bid/21546
http://www.symantec.com/security_response/writeup.jsp?docid=2006-121212-1201-99
http://www.zerodayinitiative.com/advisories/ZDI-06-048.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A116