| Vulnerability Name: | CVE-2006-5578 (CCN-30602) | ||||||||
| Assigned: | 2006-12-12 | ||||||||
| Published: | 2006-12-12 | ||||||||
| Updated: | 2018-10-17 | ||||||||
| Summary: | Microsoft Internet Explorer 6 and earlier allows remote attackers to read Temporary Internet Files (TIF) and obtain sensitive information via unspecified vectors involving certain drag and drop operations, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5577. | ||||||||
| CVSS v3 Severity: | 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N) 1.9 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-5578 Source: CCN Type: SA23288 Internet Explorer Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 23288 Source: CCN Type: SECTRACK ID: 1017374 Microsoft Internet Explorer May Disclose Contents of the Temporary Internet Files Folder to Remote Users Source: SECTRACK Type: UNKNOWN 1017374 Source: CCN Type: ASA-2006-273 MS06-072 Cumulative Security Update for Internet Explorer (925454) Source: CCN Type: US-CERT VU#694344 Microsoft Internet Explorer TIF Folder arbitrary file access vulnerability Source: CERT-VN Type: US Government Resource VU#694344 Source: CCN Type: Microsoft Security Bulletin MS06-072 Cumulative Security Update for Internet Explorer (925454) Source: CCN Type: Microsoft Security Bulletin MS07-016 Cumulative Security Update for Internet Explorer (928090) Source: CCN Type: Microsoft Security Bulletin MS07-027 Cumulative Security Update for Internet Explorer (931768) Source: CCN Type: Microsoft Security Bulletin MS07-033 Cumulative Security Update for Internet Explorer (933566) Source: CCN Type: Microsoft Security Bulletin MS07-045 Cumulative Security Update for Internet Explorer (937143) Source: CCN Type: Microsoft Security Bulletin MS07-057 Cumulative Security Update for Internet Explorer (939653) Source: CCN Type: Microsoft Security Bulletin MS07-069 Cumulative Security Update for Internet Explorer (942615) Source: CCN Type: Microsoft Security Bulletin MS08-010 Cumulative Security Update for Internet Explorer (944533) Source: CCN Type: Microsoft Security Bulletin MS08-024 Cumulative Security Update for Internet Explorer (947864) Source: CCN Type: Microsoft Security Bulletin MS08-031 Cumulative Security Update for Internet Explorer (950759) Source: CCN Type: Microsoft Security Bulletin MS08-045 Cumulative Security Update for Internet Explorer (953838) Source: CCN Type: Microsoft Security Bulletin MS08-058 Cumulative Security Update for Internet Explorer (956390) Source: OSVDB Type: UNKNOWN 30815 Source: CCN Type: OSVDB ID: 30815 Microsoft IE TIF Folder Drag and Drop Operation Information Disclosure Source: HP Type: UNKNOWN SSRT061288 Source: BID Type: UNKNOWN 21494 Source: CCN Type: BID-21494 Microsoft Internet Explorer Drag and Drop TIF Folder Information Disclosure Vulnerability Source: CERT Type: US Government Resource TA06-346A Source: VUPEN Type: UNKNOWN ADV-2006-4966 Source: MS Type: UNKNOWN MS06-072 Source: XF Type: UNKNOWN ie-tif-draganddrop-information-disclosure(30602) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:337 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||