Vulnerabilities > CVE-2006-1188
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.
Vulnerable Configurations
Exploit-Db
| description | MS Internet Explorer (HTML Tag) Memory Corruption (MS06-013). CVE-2006-1185,CVE-2006-1186,CVE-2006-1188,CVE-2006-1189,CVE-2006-1190,CVE-2006-1191,CVE-2006-11... |
| id | EDB-ID:1838 |
| last seen | 2016-01-31 |
| modified | 2006-05-27 |
| published | 2006-05-27 |
| reporter | Thomas Waldegger |
| source | https://www.exploit-db.com/download/1838/ |
| title | Microsoft Internet Explorer HTML Tag Memory Corruption MS06-013 |
Nessus
| NASL family | Windows : Microsoft Bulletins |
| NASL id | SMB_NT_MS06-013.NASL |
| description | The remote host is missing IE Cumulative Security Update 912812. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 21210 |
| published | 2006-04-11 |
| reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/21210 |
| title | MS06-013: Cumulative Security Update for Internet Explorer (912812) |
Oval
accepted 2011-05-16T04:00:24.709-04:00 class vulnerability contributors name Robert L. Hollis organization ThreatGuard, Inc. name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. family windows id oval:org.mitre.oval:def:1144 status accepted submitted 2006-04-12T12:55:00.000-04:00 title IE6 HTML Tag Memory Corruption (Server 2003,SP1) version 68 accepted 2014-02-24T04:00:12.850-05:00 class vulnerability contributors name Robert L. Hollis organization ThreatGuard, Inc. name Matthew Wojcik organization The MITRE Corporation name Preeti Subramanian organization SecPod Technologies name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc. name Maria Mikhno organization ALTX-SOFT
description Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. family windows id oval:org.mitre.oval:def:1290 status accepted submitted 2006-04-12T12:55:00.000-04:00 title IE6 HTML Tag Memory Corruption (Win2K/WinXP) version 73 accepted 2011-05-16T04:00:48.592-04:00 class vulnerability contributors name Robert L. Hollis organization ThreatGuard, Inc. name Jonathan Baker organization The MITRE Corporation name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. family windows id oval:org.mitre.oval:def:1296 status accepted submitted 2006-04-12T12:55:00.000-04:00 title IE6 HTML Tag Memory Corruption (Server 2003) version 68 accepted 2011-05-16T04:01:47.114-04:00 class vulnerability contributors name Robert L. Hollis organization ThreatGuard, Inc. name Dragos Prisaca organization Gideon Technologies, Inc. name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption. family windows id oval:org.mitre.oval:def:1773 status accepted submitted 2006-04-12T12:55:00.000-04:00 title IE6 HTML Tag Memory Corruption (WinXP) version 69
References
- http://secunia.com/advisories/18957
- http://secunia.com/advisories/18957
- http://securitytracker.com/id?1015900
- http://securitytracker.com/id?1015900
- http://www.kb.cert.org/vuls/id/824324
- http://www.kb.cert.org/vuls/id/824324
- http://www.securityfocus.com/archive/1/435096/30/4710/threaded
- http://www.securityfocus.com/archive/1/435096/30/4710/threaded
- http://www.us-cert.gov/cas/techalerts/TA06-101A.html
- http://www.us-cert.gov/cas/techalerts/TA06-101A.html
- http://www.vupen.com/english/advisories/2006/1318
- http://www.vupen.com/english/advisories/2006/1318
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1144
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1144
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1290
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1290
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1296
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1296
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1773
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1773