ID CVE-2006-5578
Summary Microsoft Internet Explorer 6 and earlier allows remote attackers to read Temporary Internet Files (TIF) and obtain sensitive information via unspecified vectors involving certain drag and drop operations, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5577.
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:ie:*:windows_server_2003_sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:ie:*:windows_server_2003_sp1:*:*:*:*:*:*
CVSS
Base: 2.6 (as of 17-10-2018 - 21:43)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:H/Au:N/C:P/I:N/A:N
oval via4
accepted 2015-08-03T04:01:54.427-04:00
class vulnerability
contributors
  • name Robert L. Hollis
    organization ThreatGuard, Inc.
  • name Matthew Wojcik
    organization The MITRE Corporation
  • name Preeti Subramanian
    organization SecPod Technologies
  • name Maria Mikhno
    organization ALTX-SOFT
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Microsoft Windows Server 2003 (x86) Gold is installed
    oval oval:org.mitre.oval:def:165
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Windows XP SP1 (64-bit) is installed
    oval oval:org.mitre.oval:def:480
  • comment Microsoft Windows Server 2003 SP1 (x86) is installed
    oval oval:org.mitre.oval:def:565
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Windows XP SP2 or later is installed
    oval oval:org.mitre.oval:def:521
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Internet Explorer 6 is installed
    oval oval:org.mitre.oval:def:563
  • comment Microsoft Windows 2000 SP4 or later is installed
    oval oval:org.mitre.oval:def:229
  • comment Microsoft Internet Explorer 5.01 SP4 is installed
    oval oval:org.mitre.oval:def:325
description Microsoft Internet Explorer 6 and earlier allows remote attackers to read Temporary Internet Files (TIF) and obtain sensitive information via unspecified vectors involving certain drag and drop operations, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5577.
family windows
id oval:org.mitre.oval:def:337
status accepted
submitted 2006-12-13T08:17:04
title TIF Folder Information Disclosure Vulnerability
version 78
refmap via4
bid 21494
cert TA06-346A
cert-vn VU#694344
hp
  • HPSBST02180
  • SSRT061288
osvdb 30815
sectrack 1017374
secunia 23288
vupen ADV-2006-4966
Last major update 17-10-2018 - 21:43
Published 12-12-2006 - 20:28
Last modified 17-10-2018 - 21:43
Back to Top