CVE-2006-3200 — Microsoft Internet Explorer vulnerability

5 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

29.9%

top 3.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Internet Explorer

Timeline

PublishedJun 23

Latest updateMay 1

Description

Unspecified versions of Internet Explorer allow remote attackers to cause a denial of service (crash) via an IFRAME with a src tag containing a "File://" URI followed by an 8-bit character. NOTE: some third parties were unable to verify this issue.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/internet_explorer6.0.2900

🔴Vulnerability Details

GHSA

GHSA-93g8-jxg6-4j2g: Unspecified versions of Internet Explorer allow remote attackers to cause a denial of service (crash) via an IFRAME with a src tag containing a "File:↗2022-05-01

▶

💥Exploits & PoCs

Exploit-DB

SAP Web Application Server 6.40 - Arbitrary File Disclosure↗2007-02-08

▶

📋Vendor Advisories

Cisco

Access Point Web-browser Interface Vulnerability↗2006-06-28

▶

Cisco

Access Point Web-browser Interface Vulnerability↗

▶