7.1
CVE-2006-7066
- EPSS 21.6%
- Veröffentlicht 02.03.2007 21:18:00
- Zuletzt bearbeitet 16.06.2026 22:34:19
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by creating an object inside an iframe, deleting the frame by setting its location.href to about:blank, then accessing a property of the object within the deleted frame, which triggers a NULL pointer dereference. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Internet Explorer Version6.0
Microsoft ≫ Internet Explorer Version6.0 Updatesp1
Microsoft ≫ Internet Explorer Version6.0 Updatesp2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 21.6% | 0.973 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 8.6 | 6.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
http://archives.neohapsis.com/archives/bugtraq/2009-07/0193.html
http://blogs.securiteam.com/index.php/archives/554
http://browserfun.blogspot.com/2006/07/mobb-30-orphan-object-properties.html
http://websecurity.com.ua/3130/
http://www.osvdb.org/27533
http://www.securityfocus.com/bid/19228
https://exchange.xforce.ibmcloud.com/vulnerabilities/28068