5

CVE-2006-7065

Exploit

Microsoft Internet Explorer allows remote attackers to cause a denial of service (crash) via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference.

Data is provided by the National Vulnerability Database (NVD)
MicrosoftIe Version6 Editionmicrosoft_windows_server_2003_sp1
MicrosoftIe Version6 Editionwindows_2000
MicrosoftIe Version6 Editionwindows_server_2003
MicrosoftIe Version6 Editionwindows_xp_professional_64bit
MicrosoftIe Version6 Updatesp1 Editionwindows_98
MicrosoftIe Version6 Updatesp1 Editionwindows_98_se
MicrosoftIe Version6 Updatesp1 Editionwindows_millennium
MicrosoftIe Version6 Updatesp1 Editionwindows_xpsp1
MicrosoftIe Version6 Updatewindows_2000_sp4
MicrosoftIe Version6 Updatewindows_server_2003_sp1
MicrosoftIe Version6 Updatewindows_server_2003_sp1_itanium
MicrosoftIe Version6 Updatewindows_server_2003_sp1_itanium_systems
MicrosoftIe Version6 Updatewindows_xp_sp2
MicrosoftIe Version6.0 Editionwindows_server
MicrosoftIe Version6.0 Editionwindows_server_2003
MicrosoftIe Version6.0 Editionwindowsxp
MicrosoftIe Version6.0 Updatesp1
MicrosoftIe Version6.0 Updatesp1 Editionwindows_2000
MicrosoftIe Version6.0 Updatesp1 Editionwindows_xp
MicrosoftIe Version6.0 Updatesp2
MicrosoftIe Version6.0 Updatesp2 Editionwindows_xp
MicrosoftIe Version6.0 Updatewindows_xp_sp2
MicrosoftIe Version7 Editionwindows_server_2003
MicrosoftIe Version7 Updatewindows_2000_sp4
MicrosoftIe Version7 Updatewindows_server_2003_sp1
MicrosoftIe Version7 Updatewindows_xp_sp2
MicrosoftIe Version7.0 Editionvista
MicrosoftIe Version7.0 Updatebeta_2
MicrosoftIe Version7.0 Updatewindows_xp_sp2
MicrosoftInternet Explorer Version6 Updatesp1
MicrosoftInternet Explorer Version6.0
MicrosoftInternet Explorer Version6.0.2600
MicrosoftInternet Explorer Version6.0.2800
MicrosoftInternet Explorer Version6.0.2800.1106
MicrosoftInternet Explorer Version6.0.2900
MicrosoftInternet Explorer Version6.0.2900.2180
MicrosoftInternet Explorer Version7.0 Updatebeta
MicrosoftInternet Explorer Version7.0 Updatebeta1
MicrosoftInternet Explorer Version7.0 Updatebeta2
MicrosoftInternet Explorer Version7.0 Updatebeta3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 17.74% 0.945
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P