Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-1191Microsoft Internet Explorer vulnerability

3 documents3 sources
Severity
4.0MEDIUMNVD
EPSS
50.3%
top 2.15%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedApr 11
Latest updateMay 1

Description

Microsoft Internet Explorer 5.01 through 6 does not always correctly identify the domain that is associated with a browser window, which allows remote attackers to obtain sensitive cross-domain information and spoof sites by running script after the user has navigated to another site.

CVSS vector

AV:N/AC:H/C:P/I:P/A:NExploitability: 4.9 | Impact: 4.9

Affected Packages1 packages

NVDmicrosoft/internet_explorer4 versions+3

🔴Vulnerability Details

1
GHSA
GHSA-j5wx-wp48-93f7: Microsoft Internet Explorer 52022-05-01

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)2006-05-27
CVE-2006-1191 — Microsoft vulnerability | cvebase