Vulnerabilities > CVE-2006-7030 - Denial of Service vulnerability in Microsoft IE 6.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 2007-02-23

Updated: 2018-10-16

Summary

Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via certain malformed HTML, possibly involving applet and base tags without required arguments, which triggers a null pointer dereference in mshtml.dll.

Vulnerable Configurations

Part	Description	Count
OS	Microsoft Microsoft Windows 2000 * Microsoft Windows 2003 Server Sp2 Microsoft Windows 98 * Microsoft Windows ME * Microsoft Windows NT * Microsoft Windows Vista * Microsoft Windows XP *	7
Application	Microsoft Microsoft IE 6.0	1

References

http://securityreason.com/securityalert/2286
http://www.securityfocus.com/archive/1/435095/30/4710/threaded
http://www.securityfocus.com/archive/1/435129/30/4710/threaded
http://www.securityfocus.com/bid/18112
https://exchange.xforce.ibmcloud.com/vulnerabilities/26808