CVE-2006-3657 — Microsoft IE vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

30.9%

top 3.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft IE Microsoft Internet Explorer

Timeline

PublishedJul 18

Latest updateMay 1

Description

Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform.Microsoft.Gradient ActiveX object with a long (1) StartColorStr or (2) EndColorStr property.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDmicrosoft/internet_explorer6

▶NVDmicrosoft/ie6

🔴Vulnerability Details

GHSA

GHSA-mwjr-qx46-m77j: Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform↗2022-05-01

▶

CVEList

CVE-2006-3657: Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (stack overflow exception) via a DXImageTransform↗2006-07-17

▶