CVE-2006-3658 — Microsoft IE vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

29.9%

top 3.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft IE Microsoft Internet Explorer

Timeline

PublishedJul 18

Latest updateMay 1

Description

Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX object, which triggers a null dereference in the security check.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDmicrosoft/internet_explorer6

▶NVDmicrosoft/ie6

🔴Vulnerability Details

GHSA

GHSA-cmr6-6h59-5fw8: Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX↗2022-05-01

▶

CVEList

CVE-2006-3658: Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by accessing the object references of a FolderItem ActiveX↗2006-07-17

▶