1. CVE-Search
  2. CVE-2006-5577
ID CVE-2006-5577
Summary Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5578.
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:ie:*:windows_server_2003_sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:*:windows_server_2003_sp1:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 17-10-2018 - 21:43)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:N/A:N
oval via4
accepted 2015-08-03T04:01:54.188-04:00
class vulnerability
contributors
  • name Robert L. Hollis
    organization ThreatGuard, Inc.
  • name Matthew Wojcik
    organization The MITRE Corporation
  • name Preeti Subramanian
    organization SecPod Technologies
  • name Maria Mikhno
    organization ALTX-SOFT
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Microsoft Windows Server 2003 (x86) Gold is installed
    oval oval:org.mitre.oval:def:165
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Windows XP SP1 (64-bit) is installed
    oval oval:org.mitre.oval:def:480
  • comment Microsoft Windows Server 2003 SP1 (x86) is installed
    oval oval:org.mitre.oval:def:565
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Windows XP SP2 or later is installed
    oval oval:org.mitre.oval:def:521
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Internet Explorer 5.01 SP4 is installed
    oval oval:org.mitre.oval:def:325
description Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5578.
family windows
id oval:org.mitre.oval:def:313
status accepted
submitted 2006-12-13T08:17:04
title TIF Folder Information Disclosure Vulnerability
version 78
refmap via4
bid 21507
cert TA06-346A
hp
  • HPSBST02180
  • SSRT061288
osvdb 30816
sectrack 1017374
secunia 23288
vupen ADV-2006-4966
Last major update 17-10-2018 - 21:43
Published 12-12-2006 - 20:28
Last modified 17-10-2018 - 21:43
Back to Top