| Vulnerability Name: | CVE-2006-5579 (CCN-30600) | ||||||||
| Assigned: | 2006-12-12 | ||||||||
| Published: | 2006-12-12 | ||||||||
| Updated: | 2021-07-23 | ||||||||
| Summary: | Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using JavaScript to cause certain errors simultaneously, which results in the access of previously freed memory, aka "Script Error Handling Memory Corruption Vulnerability." | ||||||||
| CVSS v3 Severity: | 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.6 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-119 | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-5579 Source: CCN Type: SA20807 Internet Explorer Script Error Handling Memory Corruption Vulnerability Source: SECUNIA Type: UNKNOWN 20807 Source: MISC Type: Vendor Advisory http://secunia.com/secunia_research/2006-58/advisory/ Source: CCN Type: SECTRACK ID: 1017373 Microsoft Internet Explorer DHTML and Script Error Handling Bugs Let Remote Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN 1017373 Source: CCN Type: ASA-2006-273 MS06-072 Cumulative Security Update for Internet Explorer (925454) Source: CCN Type: IBM Internet Security Systems Protection Alert, Dec 12, 2006 Critical Vulnerabilities in MS06-072 Source: CCN Type: US-CERT VU#599832 Microsoft Internet Explorer Script Error Handling Memory Corruption Vulnerability Source: CERT-VN Type: US Government Resource VU#599832 Source: CCN Type: Microsoft Security Bulletin MS06-072 Cumulative Security Update for Internet Explorer (925454) Source: CCN Type: Microsoft Security Bulletin MS07-016 Cumulative Security Update for Internet Explorer (928090) Source: CCN Type: Microsoft Security Bulletin MS07-027 Cumulative Security Update for Internet Explorer (931768) Source: CCN Type: Microsoft Security Bulletin MS07-033 Cumulative Security Update for Internet Explorer (933566) Source: CCN Type: Microsoft Security Bulletin MS07-045 Cumulative Security Update for Internet Explorer (937143) Source: CCN Type: Microsoft Security Bulletin MS07-057 Cumulative Security Update for Internet Explorer (939653) Source: CCN Type: Microsoft Security Bulletin MS07-069 Cumulative Security Update for Internet Explorer (942615) Source: CCN Type: Microsoft Security Bulletin MS08-010 Cumulative Security Update for Internet Explorer (944533) Source: CCN Type: Microsoft Security Bulletin MS08-024 Cumulative Security Update for Internet Explorer (947864) Source: CCN Type: Microsoft Security Bulletin MS08-031 Cumulative Security Update for Internet Explorer (950759) Source: CCN Type: Microsoft Security Bulletin MS08-045 Cumulative Security Update for Internet Explorer (953838) Source: CCN Type: Microsoft Security Bulletin MS08-058 Cumulative Security Update for Internet Explorer (956390) Source: OSVDB Type: UNKNOWN 30813 Source: CCN Type: OSVDB ID: 30813 Microsoft IE Script Error Handling Memory Corruption Source: BUGTRAQ Type: UNKNOWN 20061212 Secunia Research: Internet Explorer Script Error Handling MemoryCorruption Source: HP Type: UNKNOWN SSRT061288 Source: BID Type: UNKNOWN 21552 Source: CCN Type: BID-21552 Microsoft Internet Explorer Script Error Handling Remote Code Execution Vulnerability Source: CERT Type: US Government Resource TA06-346A Source: VUPEN Type: Vendor Advisory ADV-2006-4966 Source: MS Type: UNKNOWN MS06-072 Source: XF Type: UNKNOWN ie-scripterror-code-execution(30600) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:761 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||