Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-3943Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft IE

4 documents4 sources
Severity
2.6LOWNVD
EPSS
33.0%
top 3.10%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft IE
Timeline
PublishedJul 31
Latest updateMay 1

Description

Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) via long (1) RGBExtraColor, (2) RGBForeColor, and (3) RGBBackColor properties.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-4fj6-rx5x-8xqv: Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service2022-05-01
CVEList
CVE-2006-3943: Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service2006-07-31

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 6 - NDFXArtEffects Stack Overflow2006-07-27
CVE-2006-3943 — Microsoft IE vulnerability | cvebase