| Revision Date: | 2015-08-03 | Version: | 51 | | Title: | CSS Memory Corruption Vulnerability | | Description: | Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors. | | Family: | windows | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2006-3451
| | Platform(s): | Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows XP
| Product(s): | Microsoft Internet Explorer
| | Definition Synopsis | | Server 2003-Gold Microsoft Windows Server 2003 (x86) Gold is installed
AND Microsoft Internet Explorer 6 is installed
AND the version of mshtml.dll is less than 6.0.3790.554
XP,SP1 (64-bit) and Server 2003, SP1
Windows XP (64-bit,SP1) or Server 2003 (SP1) is installed
Microsoft Windows XP SP1 (64-bit) is installed
OR Microsoft Windows Server 2003 SP1 (x86) is installed
AND Microsoft Internet Explorer 6 is installed
AND the version of mshtml.dll is less than 6.0.3790.2759
IE 6 on Windows XP,SP2
Microsoft Windows XP SP2 or later is installed
AND Microsoft Internet Explorer 6 is installed
AND Mshtml.dll version is less than 6.0.2900.2963
IE 6 on Windows 2000 or XP,SP1 (32-bit)
Win2K,SP4 or XP,SP1 (32-bit) is installed
Microsoft Windows 2000 SP4 or later is installed
OR Microsoft Windows XP SP1 (32-bit) is installed
AND Microsoft Internet Explorer 6 is installed
AND the version of mshtml.dll is less than 6.0.2800.1561
IE 5.01,SP4 on Win2k,SP4
Microsoft Windows 2000 SP4 or later is installed
AND Microsoft Internet Explorer 5.01 SP4 is installed
AND the version of mshtml.dll is less than 5.0.3842.3000
|
|