Oval Definition:oval:org.mitre.oval:def:116
Revision Date:2015-08-03Version:48
Title:DHTML Script Function Memory Corruption Vulnerability
Description:Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-5581
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s):Microsoft Internet Explorer
Definition Synopsis
  • Server 2003-Gold
  • Microsoft Windows Server 2003 (x86) Gold is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND the version of mshtml.dll is less than 6.0.3790.605
  • XP,SP1 (64-bit) and Server 2003, SP1
  • Windows XP (64-bit,SP1) or Server 2003 (SP1) is installed
  • Microsoft Windows XP SP1 (64-bit) is installed
  • OR Microsoft Windows Server 2003 SP1 (x86) is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND the version of mshtml.dll is less than 6.0.3790.2817
  • IE 6 on Windows XP,SP2
  • Microsoft Windows XP SP2 or later is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND Mshtml.dll version is less than 6.0.2900.3020
  • IE 6 on Windows 2000
  • Microsoft Windows 2000 SP4 or later is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND the version of mshtml.dll is less than 6.0.2800.1586
    • BACK