Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2006-4687 | First vendor Publication | 2006-11-14 |
Vendor | Cve | Last vendor Modification | 2021-07-23 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 5.1 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | High |
Cvss Expoit Score | 4.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via crafted layout combinations involving DIV tags and HTML CSS float properties that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4687 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:456 | |||
Oval ID: | oval:org.mitre.oval:def:456 | ||
Title: | HTML Rendering Memory Corruption Vulnerability | ||
Description: | Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via crafted layout combinations involving DIV tags and HTML CSS float properties that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-4687 | Version: | 1 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Internet Explorer |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 5 |
ExploitDB Exploits
id | Description |
---|---|
2010-07-16 | Internet Explorer Daxctle.OCX KeyFrame Method Heap Buffer Overflow Vulnerability |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
31323 | Microsoft IE DIV Tag and HTML CSS Float Properties Arbitrary Code Execution Microsoft Internet Explorer contains a flaw that may allow a malicious user to corrupt memory. The issue is triggered when a user visits a maliciously crafted web page that contains layout combinations involving DIV tags and HTML CSS float properties. It is possible that the flaw may allow an attacker to execute arbitrary code resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX function call a... RuleID : 8845 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAArray.1 ActiveX CLSID unicode access RuleID : 8844 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX clsid access RuleID : 8843 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX function call a... RuleID : 8842 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DABbox2.1 ActiveX CLSID unicode access RuleID : 8841 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX clsid access RuleID : 8840 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX function call a... RuleID : 8839 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DABbox3.1 ActiveX CLSID unicode access RuleID : 8838 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX clsid access RuleID : 8837 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX function call... RuleID : 8836 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DABoolean.1 ActiveX CLSID unicode access RuleID : 8835 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX clsid access RuleID : 8834 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX function call ... RuleID : 8833 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DACamera.1 ActiveX CLSID unicode access RuleID : 8832 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX clsid access RuleID : 8831 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX function call a... RuleID : 8830 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAColor.1 ActiveX CLSID unicode access RuleID : 8829 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX clsid access RuleID : 8828 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DADashStyle.1 ActiveX function ca... RuleID : 8827 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DADashStyle.1 ActiveX CLSID unicode access RuleID : 8826 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DADashStyle.1 ActiveX clsid access RuleID : 8825 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAGeometry.1 ActiveX function cal... RuleID : 8824 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAGeometry.1 ActiveX CLSID unicode access RuleID : 8823 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAGeometry.1 ActiveX clsid access RuleID : 8822 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAImage.1 ActiveX function call a... RuleID : 8821 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAImage.1 ActiveX CLSID unicode access RuleID : 8820 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAImage.1 ActiveX clsid access RuleID : 8819 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAJoinStyle.1 ActiveX function ca... RuleID : 8818 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAJoinStyle.1 ActiveX CLSID unicode access RuleID : 8817 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAJoinStyle.1 ActiveX clsid access RuleID : 8816 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DALineStyle.1 ActiveX function ca... RuleID : 8815 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DALineStyle.1 ActiveX CLSID unicode access RuleID : 8814 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DALineStyle.1 ActiveX clsid access RuleID : 8813 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAMatte.1 ActiveX function call a... RuleID : 8812 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAMatte.1 ActiveX CLSID unicode access RuleID : 8811 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAMatte.1 ActiveX clsid access RuleID : 8810 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAMicrophone.1 ActiveX function c... RuleID : 8809 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAMicrophone.1 ActiveX CLSID unicode access RuleID : 8808 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAMicrophone.1 ActiveX clsid access RuleID : 8807 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAMontage.1 ActiveX function call... RuleID : 8806 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAMontage.1 ActiveX CLSID unicode access RuleID : 8805 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAMontage.1 ActiveX clsid access RuleID : 8804 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DANumber.1 ActiveX function call ... RuleID : 8803 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DANumber.1 ActiveX CLSID unicode access RuleID : 8802 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DANumber.1 ActiveX clsid access RuleID : 8801 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAPair.1 ActiveX function call ac... RuleID : 8800 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAPair.1 ActiveX CLSID unicode access RuleID : 8799 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAPair.1 ActiveX clsid access RuleID : 8798 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAPath2.1 ActiveX function call a... RuleID : 8797 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAPath2.1 ActiveX CLSID unicode access RuleID : 8796 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAPath2.1 ActiveX clsid access RuleID : 8795 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAPoint2.1 ActiveX function call ... RuleID : 8794 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAPoint2.1 ActiveX CLSID unicode access RuleID : 8793 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAPoint2.1 ActiveX clsid access RuleID : 8792 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAPoint3.1 ActiveX function call ... RuleID : 8791 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAPoint3.1 ActiveX CLSID unicode access RuleID : 8790 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAPoint3.1 ActiveX clsid access RuleID : 8789 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DASound.1 ActiveX function call a... RuleID : 8788 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DASound.1 ActiveX CLSID unicode access RuleID : 8787 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DASound.1 ActiveX clsid access RuleID : 8786 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAString.1 ActiveX function call ... RuleID : 8785 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAString.1 ActiveX CLSID unicode access RuleID : 8784 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAString.1 ActiveX clsid access RuleID : 8783 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DATransform2.1 ActiveX function c... RuleID : 8782 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DATransform2.1 ActiveX CLSID unicode access RuleID : 8781 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DATransform2.1 ActiveX clsid access RuleID : 8780 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DATransform3.1 ActiveX function c... RuleID : 8779 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DATransform3.1 ActiveX CLSID unicode access RuleID : 8778 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DATransform3.1 ActiveX clsid access RuleID : 8777 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAUserData.1 ActiveX function cal... RuleID : 8776 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAUserData.1 ActiveX CLSID unicode access RuleID : 8775 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAUserData.1 ActiveX clsid access RuleID : 8774 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAVector2.1 ActiveX function call... RuleID : 8773 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAVector2.1 ActiveX CLSID unicode access RuleID : 8772 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAVector2.1 ActiveX clsid access RuleID : 8771 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAVector3.1 ActiveX function call... RuleID : 8770 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAVector3.1 ActiveX CLSID unicode access RuleID : 8769 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAVector3.1 ActiveX clsid access RuleID : 8768 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAView.1 ActiveX function call ac... RuleID : 8767 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAView.1 ActiveX CLSID unicode access RuleID : 8766 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAView.1 ActiveX clsid access RuleID : 8765 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.Sequence ActiveX function call ac... RuleID : 8764 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.Sequence ActiveX CLSID unicode access RuleID : 8763 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.Sequence ActiveX clsid access RuleID : 8762 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.SequencerControl ActiveX function... RuleID : 8761 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.SequencerControl ActiveX CLSID unicode access RuleID : 8760 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.SequencerControl ActiveX clsid ac... RuleID : 8759 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.SpriteControl ActiveX function ca... RuleID : 8758 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.SpriteControl ActiveX CLSID unicode access RuleID : 8757 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.SpriteControl ActiveX clsid access RuleID : 8756 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer LM.AutoEffectBvr.1 ActiveX function call access RuleID : 8755 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | LM.AutoEffectBvr.1 ActiveX CLSID unicode access RuleID : 8754 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer LM.AutoEffectBvr.1 ActiveX clsid access RuleID : 8753 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer LM.LMBehaviorFactory.1 ActiveX function call access RuleID : 8752 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | LM.LMBehaviorFactory.1 ActiveX CLSID unicode access RuleID : 8751 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer LM.LMBehaviorFactory.1 ActiveX clsid access RuleID : 8750 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAEndStyle.1 ActiveX function cal... RuleID : 8749 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAEndStyle.1 ActiveX CLSID unicode access RuleID : 8748 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAEndStyle.1 ActiveX clsid access RuleID : 8747 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAEvent.1 ActiveX function call a... RuleID : 8746 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAEvent.1 ActiveX CLSID unicode access RuleID : 8745 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAEvent.1 ActiveX clsid access RuleID : 8744 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAFontStyle.1 ActiveX function ca... RuleID : 8743 - Revision : 15 - Type : BROWSER-PLUGINS |
2014-01-10 | DirectAnimation.DAFontStyle.1 ActiveX CLSID unicode access RuleID : 8742 - Revision : 6 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Internet Explorer DirectAnimation.DAFontStyle.1 ActiveX clsid access RuleID : 8741 - Revision : 16 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Windows DirectAnimation.StructuredGraphicsControl ActiveX function ... RuleID : 7009 - Revision : 17 - Type : BROWSER-PLUGINS |
2014-01-10 | Microsoft Internet Explorer daxctle.ocx spline method buffer overflow attempt RuleID : 19885 - Revision : 9 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-11-14 | Name : Arbitrary code can be executed on the remote host through the web client. File : smb_nt_ms06-067.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-07-27 00:24:35 |
|
2021-07-24 01:44:12 |
|
2021-07-24 01:02:56 |
|
2021-07-23 17:24:39 |
|
2021-05-04 12:04:34 |
|
2021-04-22 01:05:13 |
|
2020-05-23 00:18:22 |
|
2018-10-18 00:19:41 |
|
2018-10-13 00:22:35 |
|
2017-10-11 09:23:45 |
|
2017-07-20 09:23:53 |
|
2016-06-28 15:57:20 |
|
2016-04-26 15:03:59 |
|
2014-02-17 10:37:15 |
|
2013-05-11 11:09:11 |
|