Vulnerability Name: CVE-2006-1245 (CCN-25292)
Assigned: 2006-03-16
Published: 2006-03-16
Updated: 2018-10-18
Summary: Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the "Multiple Event Handler Memory Corruption Vulnerability."
CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVSS v2 Severity: 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Access
References:
Source: BUGTRAQ Type: UNKNOWN 20060316 Remote overflow in MSIE script action handlers (mshtml.dll)
Source: CCN Type: BugTraq Mailing List, Thu Mar 16 2006 - 13:22:55 CST Remote overflow in MSIE script action handlers (mshtml.dll)
Source: CCN Type: Full-Disclosure Mailing List, Thu Mar 16 2006 - 15:13:37 CST Re: Remote overflow in MSIE script action handlers (mshtml.dll)
Source: CCN Type: Microsoft Security Response Center Blog, Tuesday, March 21, 2006 12:54 AM Publicly disclosed vulnerability in Internet Explorer
Source: MITRE Type: CNA CVE-2006-1245
Source: MITRE Type: CNA CVE-2006-1273
Source: CCN Type: SA18957 Internet Explorer Multiple Vulnerabilities
Source: SECUNIA Type: Patch, Vendor Advisory 18957
Source: CCN Type: SA19269 Internet Explorer Multiple Event Handlers Memory Corruption Vulnerability
Source: SECUNIA Type: Patch, Vendor Advisory 19269
Source: CCN Type: SECTRACK ID: 1015794 (Vendor Issues Fix) Microsoft Internet Explorer `mshtml.dll` Bug in Processing Multiple Action Handlers Lets Remote Users Deny Service
Source: SECTRACK Type: Patch 1015794
Source: CCN Type: ASA-2006-079 Windows Security Updates for April 2006 - (MS06-013 - MS06-017)
Source: CCN Type: US-CERT VU#984473 Microsoft Internet Explorer contains overflow in processing script action handlers
Source: CERT-VN Type: Third Party Advisory, US Government Resource VU#984473
Source: CCN Type: Microsoft Security Bulletin MS06-013 Cumulative Security Update for Internet Explorer (912812)
Source: CCN Type: Microsoft Security Bulletin MS06-021 Cumulative Security Update for Internet Explorer (916281)
Source: CCN Type: Microsoft Security Bulletin MS06-042 Cumulative Security Update for Internet Explorer (918899)
Source: CCN Type: Microsoft Security Bulletin MS06-067 Cumulative Security Update for Internet Explorer (922760)
Source: CCN Type: Microsoft Security Bulletin MS06-072 Cumulative Security Update for Internet Explorer (925454)
Source: CCN Type: Microsoft Security Bulletin MS07-016 Cumulative Security Update for Internet Explorer (928090)
Source: CCN Type: Microsoft Security Bulletin MS07-027 Cumulative Security Update for Internet Explorer (931768)
Source: CCN Type: Microsoft Security Bulletin MS07-033 Cumulative Security Update for Internet Explorer (933566)
Source: CCN Type: Microsoft Security Bulletin MS07-045 Cumulative Security Update for Internet Explorer (937143)
Source: CCN Type: Microsoft Security Bulletin MS07-057 Cumulative Security Update for Internet Explorer (939653)
Source: CCN Type: Microsoft Security Bulletin MS07-069 Cumulative Security Update for Internet Explorer (942615)
Source: CCN Type: Microsoft Security Bulletin MS08-010 Cumulative Security Update for Internet Explorer (944533)
Source: CCN Type: Microsoft Security Bulletin MS08-024 Cumulative Security Update for Internet Explorer (947864)
Source: CCN Type: Microsoft Security Bulletin MS08-031 Cumulative Security Update for Internet Explorer (950759)
Source: CCN Type: Microsoft Security Bulletin MS08-045 Cumulative Security Update for Internet Explorer (953838)
Source: CCN Type: Microsoft Security Bulletin MS08-058 Cumulative Security Update for Internet Explorer (956390)
Source: OSVDB Type: Exploit 23964
Source: CCN Type: OSVDB ID: 23964 Microsoft IE mshtml.dll Multiple Script Action Handler Overflow
Source: CCN Type: OSVDB ID: 31833 Mozilla Firefox Multiple Script Action Handler Overflow
Source: BUGTRAQ Type: UNKNOWN 20060325 Re: [optimized PoC] Remote overflow in MSIE script action handlers (mshtml.dll)
Source: BUGTRAQ Type: UNKNOWN 20061203 MS Internet Explorer 6.0 (mshtml.dll) Denial of Service Exploit
Source: BUGTRAQ Type: UNKNOWN 20061205 Re: MS Internet Explorer 6.0 (mshtml.dll) Denial of Service Exploit
Source: BID Type: Exploit, Patch 17131
Source: CCN Type: BID-17131 Microsoft Internet Explorer Script Action Handler Buffer Overflow Vulnerability
Source: CCN Type: US-CERT Technical Cyber Security Alert TA06-101A Microsoft Windows and Internet Explorer Vulnerabilities
Source: CERT Type: Third Party Advisory, US Government Resource TA06-101A
Source: VUPEN Type: UNKNOWN ADV-2006-1318
Source: CCN Type: Internet Security Systems Protection Alert - April 11, 2006 Cumulative Security Update for Internet Explorer
Source: MS Type: UNKNOWN MS06-013
Source: XF Type: UNKNOWN ie-mshtml-bo(25292)
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1451
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1569
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1599
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1632
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1766
Vulnerable Configuration: Configuration 1: Configuration CCN 1: Denotes that component is vulnerable