CVE-2006-0585 — Microsoft Internet Explorer vulnerability

2 documents2 sources

Severity

5.0MEDIUMNVD

EPSS

21.9%

top 4.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedFeb 8

Latest updateMay 1

Description

jscript.dll in Microsoft Internet Explorer 6.0 SP1 and earlier allows remote attackers to cause a denial of service (application crash) via a Shockwave Flash object that contains ActionScript code that calls VBScript, which in turn calls the Javascript document.write function, which triggers a null dereference.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer6+51

🔴Vulnerability Details

GHSA

GHSA-4c25-hrfv-m2p9: jscript↗2022-05-01

▶