CVE-2006-2385Code Injection in Microsoft IE

CWE-94Code Injection3 documents3 sources
Severity
7.6HIGHNVD
EPSS
18.2%
top 4.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedJun 13
Latest updateMay 1

Description

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption when it is saved as a multipart HTML (.mht) file.

CVSS vector

AV:N/AC:H/C:C/I:C/A:CExploitability: 4.9 | Impact: 10.0

Affected Packages2 packages

NVDmicrosoft/ie6.0

🔴Vulnerability Details

2
GHSA
GHSA-x3r6-8rcc-599c: Unspecified vulnerability in Microsoft Internet Explorer 52022-05-01
CVEList
CVE-2006-2385: Unspecified vulnerability in Microsoft Internet Explorer 52006-06-13
CVE-2006-2385 — Code Injection in Microsoft IE | cvebase