CVE-2006-1186

Microsoft Internet Explorer <6 - RCE

Title source: llm

Description

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption.

Exploits (1)

exploitdb WORKING POC

htmldoswindows

https://www.exploit-db.com/exploits/1838

View Code ZIP pw:eip

References (13)

[Patch, Vendor Advisory] http://secunia.com/advisories/18957

[US Government Resource] http://www.kb.cert.org/vuls/id/959049

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA06-101A.html

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/17453

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/25545

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1446

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1589

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1651

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1704

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A791

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1015900

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/1318

Scores

EPSS 0.7482

EPSS Percentile 98.9%

Details

Status published

Products (7)

microsoft/ie 5.0.1 (4 CPE variants)

microsoft/ie 5.01 windows_2000_sp4

microsoft/ie 6 windows_server_2003_sp1

microsoft/internet_explorer 5.0.1 (5 CPE variants)

microsoft/internet_explorer 5.01 (5 CPE variants)

microsoft/internet_explorer 5.1

microsoft/internet_explorer 5.5 (4 CPE variants)

Published Apr 11, 2006

Tracked Since Feb 18, 2026