Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-1188 — Out-of-bounds Write in Microsoft IE

4 documents4 sources

Severity

7.5HIGHNVD

EPSS

64.0%

top 1.56%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft IE Microsoft Internet Explorer

Timeline

PublishedApr 11

Latest updateMay 1

Description

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via HTML elements with a certain crafted tag, which leads to memory corruption.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDmicrosoft/internet_explorer8 versions+7

▶NVDmicrosoft/ie4 versions+3

Patches

Patch: www.kb.cert.org ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-37vv-xjjq-53p5: Microsoft Internet Explorer 5↗2022-05-01

▶

CVEList

CVE-2006-1188: Microsoft Internet Explorer 5↗2006-04-11

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)↗2006-05-27

▶