CVE-2006-1359
EXPLOITEDMicrosoft Internet Explorer <7 - RCE/DoS
Title source: llmDescription
Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer.
Exploits (6)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16578
exploitdb
WORKING POC
VERIFIED
by Randy Flood · remotewindows
https://www.exploit-db.com/exploits/1620
exploitdb
WORKING POC
VERIFIED
by ATmaCA · c++remotewindows
https://www.exploit-db.com/exploits/1628
exploitdb
WORKING POC
VERIFIED
by darkeagle · htmlremotewindows
https://www.exploit-db.com/exploits/1606
metasploit
WORKING POC
NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ms06_013_createtextrange.rb
References (28)
... and 8 more
Scores
EPSS
0.8760
EPSS Percentile
99.5%
Details
VulnCheck KEV
2006-04-11
CWE
CWE-94
Status
published
Products (3)
microsoft/ie
6.0 sp1 (2 CPE variants)
microsoft/ie
7.0 beta_2
microsoft/internet_explorer
6.0
Published
Mar 23, 2006
Tracked Since
Feb 18, 2026