Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-4219Microsoft IE vulnerability

4 documents4 sources
Severity
7.5HIGHNVD
EPSS
41.2%
top 2.60%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft IE
Timeline
PublishedAug 18
Latest updateMay 1

Description

The Terminal Services COM object (tsuserex.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by instantiating it as an ActiveX object in Internet Explorer 6.0 SP1 on Microsoft Windows 2003 EE SP1 CN.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDmicrosoft/ie6.0

🔴Vulnerability Details

2
GHSA
GHSA-3fr9-jc22-8q7g: The Terminal Services COM object (tsuserex2022-05-01
CVEList
CVE-2006-4219: The Terminal Services COM object (tsuserex2006-08-18

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer 6 - 'TSUserEX.dll' ActiveX Control Memory Corruption2006-08-17
CVE-2006-4219 — Microsoft IE vulnerability | cvebase