Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-1190Microsoft Internet Explorer vulnerability

4 documents4 sources
Severity
10.0CRITICALNVD
EPSS
78.4%
top 0.97%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedApr 11
Latest updateMay 1

Description

Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/internet_explorer4 versions+3

🔴Vulnerability Details

1
GHSA
GHSA-c23p-xxjh-mj75: Microsoft Internet Explorer 52022-05-01

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)2006-05-27

💬Community

1
Bugzilla
CVE-2004-1190 Continued raw access issues2005-05-26
CVE-2006-1190 — Microsoft vulnerability | cvebase