Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-0544Microsoft IE vulnerability

6 documents5 sources
Severity
7.5HIGHNVD
EPSS
26.5%
top 3.67%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft IE
Timeline
PublishedFeb 4
Latest updateMay 1

Description

urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a BGSOUND element with its SRC attribute set to "file://" followed by a large number of "-" (dash of hyphen) characters.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDmicrosoft/ie7.0

🔴Vulnerability Details

2
GHSA
GHSA-vwhf-mw34-8mq8: urlmon2022-05-01
CVEList
CVE-2006-0544: urlmon2006-02-04

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 7.0 Beta 2 - 'urlmon.dll' Denial of Service2006-02-07

💬Community

2
Bugzilla
CVE-2006-1516 mysql anonymous login information leak2006-05-05
Bugzilla
CVE-2006-1517 Mysql information leak2006-05-04
CVE-2006-0544 — Microsoft IE vulnerability | cvebase