ID CVE-2006-2218
Summary Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags, a variant of CVE-2006-1992.
References
Vulnerable Configurations
  • Microsoft Internet Explorer 6.0
    cpe:2.3:a:microsoft:ie:6.0
  • Microsoft Windows XP Service Pack 2
    cpe:2.3:o:microsoft:windows_xp:-:sp2
CVSS
Base: 9.3 (as of 08-05-2006 - 09:10)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS06-021.NASL
description The remote host is missing the IE cumulative security update 916281. The remote version of IE is vulnerable to several flaws that could allow an attacker to execute arbitrary code on the remote host.
last seen 2019-02-21
modified 2018-11-15
plugin id 21685
published 2006-06-13
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=21685
title MS06-021: Cumulative Security Update for Internet Explorer (916281)
oval via4
  • accepted 2011-05-16T04:00:17.644-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags, a variant of CVE-2006-1992.
    family windows
    id oval:org.mitre.oval:def:1078
    status accepted
    submitted 2006-06-14T09:55:00.000-04:00
    title Exception Handling Memory Corruption Vulnerability (S03,SP1)
    version 67
  • accepted 2011-05-16T04:01:40.535-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Jonathan Baker
      organization The MITRE Corporation
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags, a variant of CVE-2006-1992.
    family windows
    id oval:org.mitre.oval:def:1728
    status accepted
    submitted 2006-06-14T09:55:00.000-04:00
    title Exception Handling Memory Corruption Vulnerability (WinS03)
    version 67
  • accepted 2014-02-24T04:00:23.098-05:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    description Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags, a variant of CVE-2006-1992.
    family windows
    id oval:org.mitre.oval:def:1765
    status accepted
    submitted 2006-06-14T09:55:00.000-04:00
    title Exception Handling Memory Corruption Vulnerability (2K/XP)
    version 70
  • accepted 2011-05-16T04:01:46.326-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Dragos Prisaca
      organization Gideon Technologies, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags, a variant of CVE-2006-1992.
    family windows
    id oval:org.mitre.oval:def:1768
    status accepted
    submitted 2006-06-14T09:55:00.000-04:00
    title Exception Handling Memory Corruption Vulnerability (XP,SP2)
    version 68
  • accepted 2014-02-24T04:00:24.392-05:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Anna Min
      organization BigFix, Inc
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    description Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags, a variant of CVE-2006-1992.
    family windows
    id oval:org.mitre.oval:def:1845
    status accepted
    submitted 2006-06-14T09:55:00.000-04:00
    title Exception Handling Memory Corruption Vulnerability (Win2k)
    version 70
  • accepted 2011-05-16T04:02:10.263-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags, a variant of CVE-2006-1992.
    family windows
    id oval:org.mitre.oval:def:1961
    status accepted
    submitted 2006-06-14T09:55:00.000-04:00
    title Exception Handling Memory Corruption Vulnerability(64-bit XP)
    version 67
refmap via4
bid 17820
bugtraq 20060614 Secunia Resaerch: Internet Explorer Exception Handling Memory Corruption Vulnerability
cert TA06-164A
cert-vn VU#338828
misc http://secunia.com/secunia_research/2006-41/advisory
ms MS06-021
osvdb 27475
sectrack 1016291
secunia 19762
vupen ADV-2006-2319
Last major update 11-10-2011 - 00:00
Published 05-05-2006 - 08:46
Last modified 18-10-2018 - 12:38
Back to Top