CVE-2006-1186

Microsoft Internet Explorer <6 - RCE

Title source: llm

Description

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption.

Exploits (1)

exploitdb WORKING POC

htmldoswindows

https://www.exploit-db.com/exploits/1838

View on exploitdb

References (13)

[Patch, Vendor Advisory] http://secunia.com/advisories/18957

[US Government Resource] http://www.kb.cert.org/vuls/id/959049

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA06-101A.html

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/17453

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/25545

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1446

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1589

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1651

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1704

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A791

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1015900

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/1318

Scores

EPSS 0.7482

EPSS Percentile 98.8%

Classification

Status draft

Affected Products (21)

microsoft/ie

microsoft/internet_explorer

... and 6 more

Timeline

Published Apr 11, 2006

Tracked Since Feb 18, 2026