Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-3730Code Injection in Microsoft IE

CWE-94Code Injection10 documents5 sources
Severity
8.8HIGHNVD
EPSS
86.9%
top 0.57%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Microsoft IEMicrosoft Internet Explorer
Timeline
PublishedJul 21
Latest updateMay 1

Description

Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDmicrosoft/ie6.0

🔴Vulnerability Details

3
GHSA
GHSA-3w9c-vcrh-mvp2: Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary2022-05-01
CVEList
CVE-2006-3730: Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary2006-07-19
VulnCheck
Microsoft Internet Explorer Improper Control of Generation of Code ('Code Injection')2006

💥Exploits & PoCs

6
Exploit-DB
OpenSSL 1.1.0 - Remote Client Denial of Service2017-01-26
Exploit-DB
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (MS06-057) (Metasploit) (2)2010-07-03
Exploit-DB
Microsoft Internet Explorer - WebViewFolderIcon setSlice() (2)2006-09-29
Exploit-DB
Microsoft Internet Explorer - WebViewFolderIcon setSlice() (1)2006-09-29
Exploit-DB
Microsoft Internet Explorer - WebViewFolderIcon setSlice() (HTML)2006-09-28