Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-3729Microsoft Internet Explorer vulnerability

3 documents3 sources
Severity
2.6LOWNVD
EPSS
18.9%
top 4.67%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Internet Explorer
Timeline
PublishedJul 21
Latest updateMay 1

Description

DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office installed allows remote attackers to cause a denial of service (crash) via a large negative integer argument to the getDataMemberName method of a OWC11.DataSourceControl.11 object, which leads to an integer overflow and a null dereference.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

1
GHSA
GHSA-vgch-mr78-w8g4: DataSourceControl in Internet Explorer 6 on Windows XP SP2 with Office installed allows remote attackers to cause a denial of service (crash) via a la2022-05-01

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 6 - DataSourceControl Denial of Service2006-07-19
CVE-2006-3729 — Microsoft vulnerability | cvebase