Vulnerability in N/a
CVE-2006-3638
Microsoft Internet Explorer 5.01 and 6 does not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, as demonstrated by the Nth funct…
EPSS: 0.549 (98.1th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- VU#959049 (x_refsource_CERT-VN, third-party-advisory)
- 1016663 (vdb-entry, x_refsource_SECTRACK)
- MS06-042 (x_refsource_MS, vendor-advisory)
- 27852 (x_refsource_OSVDB, vdb-entry)
- oval:org.mitre.oval:def:719 (signature, x_refsource_OVAL, vdb-entry)
- 20060808 TSRT-06-09: Microsoft DirectAnimation COM Object Memory Corruption Vulnerability (mailing-list, x_refsource_BUGTRAQ)
- 21396 (x_refsource_SECUNIA, third-party-advisory)
- ADV-2006-3212 (vdb-entry, x_refsource_VUPEN)
- TA06-220A (x_refsource_CERT, third-party-advisory)
- www.tippingpoint.com/security/advisories/TSRT-06-09.html (x_refsource_MISC)