Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-4868Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Internet Explorer

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents5 sources
Severity
9.3CRITICALNVD
EPSS
68.4%
top 1.38%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Microsoft Internet ExplorerMicrosoft Outlook
Timeline
PublishedSep 19
Latest updateMay 1

Description

Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDmicrosoft/internet_explorer5.0.1, 6.0+1

Patches

Patch: secunia.comPatch: www.microsoft.comPatch: www.securityfocus.com

🔴Vulnerability Details

3
GHSA
GHSA-57hx-f9jp-528m: Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx2022-05-01
CVEList
CVE-2006-4868: Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx2006-09-19
VulnCheck
Microsoft Windows Improper Restriction of Operations within the Bounds of a Memory Buffer2006

💥Exploits & PoCs

3
Exploit-DB
Microsoft Internet Explorer - 'VML' Fill Method Code Execution (MS06-055) (Metasploit)2010-07-03
Exploit-DB
Microsoft Internet Explorer - 'VML' Remote Buffer Overflow (SP2)2006-09-25
Exploit-DB
Microsoft Internet Explorer (Windows XP SP2) - 'VML' Remote Buffer Overflow2006-09-24
CVE-2006-4868 — Microsoft vulnerability | cvebase