What is CVE-2006-4868?

CVE-2006-4868 is a vulnerability in N/a. Published 2006-09-19.

Is CVE-2006-4868 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2006-4868

Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a V…

EPSS: 0.684 (98.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

blogs.securiteam.com/index.php/archives/624 (x_refsource_MISC)
20060924 Windows VML Vulnerability FAQ (CVE-2006-4868) written (mailing-list, x_refsource_BUGTRAQ)
20096 (vdb-entry, x_refsource_BID)
20060920 RE: vml.c - Internet Explorer VML Buffer Overflow Download Exec Exploit (mailing-list, x_refsource_BUGTRAQ)
20060920 vml.c - Internet Explorer VML Buffer Overflow Download Exec Exploit (mailing-list, x_refsource_BUGTRAQ)
ADV-2006-3679 (vdb-entry, x_refsource_VUPEN)
VU#416092 (x_refsource_CERT-VN, third-party-advisory)
www.microsoft.com/technet/security/advisory/925568.mspx (x_refsource_CONFIRM)
925486 (vendor-advisory, x_refsource_MSKB)
21989 (x_refsource_SECUNIA, third-party-advisory)

Frequently asked questions

What is CVE-2006-4868?: CVE-2006-4868 is a vulnerability in N/a. Published 2006-09-19.
Is CVE-2006-4868 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.