CVE-2006-5162

Microsoft Internet Explorer <6.0 SP2 - DoS

Title source: llm

Description

wininet.dll in Microsoft Internet Explorer 6.0 SP2 and earlier allows remote attackers to cause a denial of service (unhandled exception and crash) via a long Content-Type header, which triggers a stack overflow.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Firestorm · perldoswindows

https://www.exploit-db.com/exploits/2039

View Code ZIP pw:eip

References (7)

[Broken Link] http://www.osvdb.org/29129

[Broken Link] https://exchange.xforce.ibmcloud.com/vulnerabilities/27900

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/2039

[Not Applicable] http://www.vupen.com/english/advisories/2006/2917

[Broken Link] http://archives.neohapsis.com/archives/bugtraq/2006-07/0379.html

[Exploit, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/19092

[Exploit, Third Party Advisory] http://securityreason.com/securityalert/1683

Scores

EPSS 0.2019

EPSS Percentile 95.5%

Details

Status published

Products (4)

microsoft/internet_explorer 5.0

microsoft/internet_explorer 5.0.1 (5 CPE variants)

microsoft/internet_explorer 5.5 (3 CPE variants)

microsoft/internet_explorer 6.0 (3 CPE variants)

Published Oct 05, 2006

Tracked Since Feb 18, 2026