Description
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via crafted layout combinations involving DIV tags and HTML CSS float properties that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."
References (11)
Core 11
Core References
Vendor Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-06-041.html
US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA06-318A.html
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A456
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/31323
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/197852
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1017223
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4505
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/451590/100/100/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/29199
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/21020
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-067
Scores
EPSS
0.2480
EPSS Percentile
97.7%
Details
CWE
CWE-119
Status
published
Products (3)
microsoft/ie
6 windows_server_2003_sp1
microsoft/internet_explorer
5.1
microsoft/internet_explorer
5.5 (4 CPE variants)
Published
Nov 14, 2006
Tracked Since
Feb 18, 2026