Oval Definition:oval:org.mitre.oval:def:433
Revision Date:2015-08-03Version:51
Title:HTML Layout and Positioning Memory Corruption Vulnerability
Description:Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2006-3450
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s):Microsoft Internet Explorer
Definition Synopsis
  • Server 2003-Gold
  • Microsoft Windows Server 2003 (x86) Gold is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND the version of mshtml.dll is less than 6.0.3790.554
  • XP,SP1 (64-bit) and Server 2003, SP1
  • Windows XP (64-bit,SP1) or Server 2003 (SP1) is installed
  • Microsoft Windows XP SP1 (64-bit) is installed
  • OR Microsoft Windows Server 2003 SP1 (x86) is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND the version of mshtml.dll is less than 6.0.3790.2759
  • IE 6 on Windows XP,SP2
  • Microsoft Windows XP SP2 or later is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND Mshtml.dll version is less than 6.0.2900.2963
  • IE 6 on Windows 2000 or XP,SP1 (32-bit)
  • Win2K,SP4 or XP,SP1 (32-bit) is installed
  • Microsoft Windows 2000 SP4 or later is installed
  • OR Microsoft Windows XP SP1 (32-bit) is installed
  • AND Microsoft Internet Explorer 6 is installed
  • AND the version of mshtml.dll is less than 6.0.2800.1561
    • BACK