CVE-2006-5579

Microsoft Internet Explorer 6 - Remote Code Execution via JavaScript Error Handling

Title source: llm
STIX 2.1

Description

Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using JavaScript to cause certain errors simultaneously, which results in the access of previously freed memory, aka "Script Error Handling Memory Corruption Vulnerability."

References (12)

Core 12
Core References
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4966
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/599832
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA06-346A.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/30813
Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://www.securityfocus.com/archive/1/454969/100/200/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/454205/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21552
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A761
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20807
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1017373

Scores

EPSS 0.3107
EPSS Percentile 98.1%

Details

CWE
CWE-119
Status published
Products (1)
microsoft/internet_explorer 6
Published Dec 12, 2006
Tracked Since Feb 18, 2026