Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-3510Microsoft IE vulnerability

6 documents5 sources
Severity
2.6LOWNVD
EPSS
38.7%
top 2.74%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft IE
Timeline
PublishedJul 11
Latest updateMay 1

Description

The Remote Data Service Object (RDS.DataControl) in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (crash) via a series of operations that result in an invalid length calculation when using SysAllocStringLen, then triggers a buffer over-read.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

NVDmicrosoft/ie6.0

🔴Vulnerability Details

2
GHSA
GHSA-vfxm-g7m7-49v9: The Remote Data Service Object (RDS2022-05-01
CVEList
CVE-2006-3510: The Remote Data Service Object (RDS2006-07-11

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 6 - RDS.DataControl Denial of Service2006-07-08

💬Community

2
Bugzilla
A number of tomcat issues2007-05-09
Bugzilla
CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195 CVE-2006-7196 CVE-2007-1858 CVE-2006-3835 CVE-2005-3510 CVE-2005-4838)2007-04-30
CVE-2006-3510 — Microsoft IE vulnerability | cvebase