CVE-2006-3280 (GCVE-0-2006-3280)
Vulnerability from cvelistv5
Published
2006-06-28 22:00
Modified
2024-08-07 18:23
Severity ?
CWE
  • n/a
Summary
Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka "Redirect Cross-Domain Information Disclosure Vulnerability."
References
cve@mitre.org http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047398.html
cve@mitre.org http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060627/3d930eda/PLEBO-2006.06.16-IE_ONE_MINOR_ONE_MAJOR.obj
cve@mitre.org http://secunia.com/advisories/20825 Vendor Advisory
cve@mitre.org http://secunia.com/advisories/21396
cve@mitre.org http://secunia.com/internet_explorer_information_disclosure_vulnerability_test
cve@mitre.org http://securitytracker.com/id?1016388
cve@mitre.org http://www.kb.cert.org/vuls/id/883108 US Government Resource
cve@mitre.org http://www.securityfocus.com/archive/1/438785/100/0/threaded
cve@mitre.org http://www.securityfocus.com/archive/1/438788/100/0/threaded
cve@mitre.org http://www.securityfocus.com/archive/1/438811/100/0/threaded
cve@mitre.org http://www.securityfocus.com/archive/1/438863/100/0/threaded
cve@mitre.org http://www.securityfocus.com/archive/1/438864/100/0/threaded
cve@mitre.org http://www.securityfocus.com/archive/1/439146/100/0/threaded
cve@mitre.org http://www.securityfocus.com/bid/18682
cve@mitre.org http://www.us-cert.gov/cas/techalerts/TA06-220A.html US Government Resource
cve@mitre.org http://www.vupen.com/english/advisories/2006/2553
cve@mitre.org http://www.vupen.com/english/advisories/2006/3212
cve@mitre.org https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/27452
cve@mitre.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A738
af854a3a-2127-422b-91ae-364da2661108 http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047398.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060627/3d930eda/PLEBO-2006.06.16-IE_ONE_MINOR_ONE_MAJOR.obj
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/20825 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/21396
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/internet_explorer_information_disclosure_vulnerability_test
af854a3a-2127-422b-91ae-364da2661108 http://securitytracker.com/id?1016388
af854a3a-2127-422b-91ae-364da2661108 http://www.kb.cert.org/vuls/id/883108 US Government Resource
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/438785/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/438788/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/438811/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/438863/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/438864/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/439146/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/18682
af854a3a-2127-422b-91ae-364da2661108 http://www.us-cert.gov/cas/techalerts/TA06-220A.html US Government Resource
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2006/2553
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2006/3212
af854a3a-2127-422b-91ae-364da2661108 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/27452
af854a3a-2127-422b-91ae-364da2661108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A738
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:23:21.219Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20060627 IE_ONE_MINOR_ONE_MAJOR",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047398.html"
          },
          {
            "name": "20060630 RE: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/438863/100/0/threaded"
          },
          {
            "name": "20825",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20825"
          },
          {
            "name": "MS06-042",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042"
          },
          {
            "name": "20060704 Re: Browser bugs hit IE, Firefox today (SANS)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/439146/100/0/threaded"
          },
          {
            "name": "VU#883108",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/883108"
          },
          {
            "name": "ie-redirection-information-disclosure(27452)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27452"
          },
          {
            "name": "1016388",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016388"
          },
          {
            "name": "20060630 Browser bugs hit IE, Firefox today (SANS)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/438785/100/0/threaded"
          },
          {
            "name": "21396",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21396"
          },
          {
            "name": "ADV-2006-3212",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3212"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060627/3d930eda/PLEBO-2006.06.16-IE_ONE_MINOR_ONE_MAJOR.obj"
          },
          {
            "name": "20060630 Re: Browser bugs hit IE, Firefox today (SANS)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/438864/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/internet_explorer_information_disclosure_vulnerability_test"
          },
          {
            "name": "TA06-220A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
          },
          {
            "name": "20060630 ISC: Firefox immune to outerHTML flaw in MSIE [Was: Browser bugs hit IE, Firefox]",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/438811/100/0/threaded"
          },
          {
            "name": "oval:org.mitre.oval:def:738",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A738"
          },
          {
            "name": "20060630 Re: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/438788/100/0/threaded"
          },
          {
            "name": "18682",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18682"
          },
          {
            "name": "ADV-2006-2553",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2553"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-06-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker\u0027s originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka \"Redirect Cross-Domain Information Disclosure Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20060627 IE_ONE_MINOR_ONE_MAJOR",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047398.html"
        },
        {
          "name": "20060630 RE: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/438863/100/0/threaded"
        },
        {
          "name": "20825",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20825"
        },
        {
          "name": "MS06-042",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042"
        },
        {
          "name": "20060704 Re: Browser bugs hit IE, Firefox today (SANS)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/439146/100/0/threaded"
        },
        {
          "name": "VU#883108",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/883108"
        },
        {
          "name": "ie-redirection-information-disclosure(27452)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27452"
        },
        {
          "name": "1016388",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016388"
        },
        {
          "name": "20060630 Browser bugs hit IE, Firefox today (SANS)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/438785/100/0/threaded"
        },
        {
          "name": "21396",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21396"
        },
        {
          "name": "ADV-2006-3212",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3212"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060627/3d930eda/PLEBO-2006.06.16-IE_ONE_MINOR_ONE_MAJOR.obj"
        },
        {
          "name": "20060630 Re: Browser bugs hit IE, Firefox today (SANS)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/438864/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/internet_explorer_information_disclosure_vulnerability_test"
        },
        {
          "name": "TA06-220A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
        },
        {
          "name": "20060630 ISC: Firefox immune to outerHTML flaw in MSIE [Was: Browser bugs hit IE, Firefox]",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/438811/100/0/threaded"
        },
        {
          "name": "oval:org.mitre.oval:def:738",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A738"
        },
        {
          "name": "20060630 Re: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/438788/100/0/threaded"
        },
        {
          "name": "18682",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18682"
        },
        {
          "name": "ADV-2006-2553",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2553"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3280",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker\u0027s originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka \"Redirect Cross-Domain Information Disclosure Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20060627 IE_ONE_MINOR_ONE_MAJOR",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047398.html"
            },
            {
              "name": "20060630 RE: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/438863/100/0/threaded"
            },
            {
              "name": "20825",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20825"
            },
            {
              "name": "MS06-042",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042"
            },
            {
              "name": "20060704 Re: Browser bugs hit IE, Firefox today (SANS)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/439146/100/0/threaded"
            },
            {
              "name": "VU#883108",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/883108"
            },
            {
              "name": "ie-redirection-information-disclosure(27452)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27452"
            },
            {
              "name": "1016388",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016388"
            },
            {
              "name": "20060630 Browser bugs hit IE, Firefox today (SANS)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/438785/100/0/threaded"
            },
            {
              "name": "21396",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21396"
            },
            {
              "name": "ADV-2006-3212",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/3212"
            },
            {
              "name": "http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060627/3d930eda/PLEBO-2006.06.16-IE_ONE_MINOR_ONE_MAJOR.obj",
              "refsource": "MISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060627/3d930eda/PLEBO-2006.06.16-IE_ONE_MINOR_ONE_MAJOR.obj"
            },
            {
              "name": "20060630 Re: Browser bugs hit IE, Firefox today (SANS)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/438864/100/0/threaded"
            },
            {
              "name": "http://secunia.com/internet_explorer_information_disclosure_vulnerability_test",
              "refsource": "MISC",
              "url": "http://secunia.com/internet_explorer_information_disclosure_vulnerability_test"
            },
            {
              "name": "TA06-220A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html"
            },
            {
              "name": "20060630 ISC: Firefox immune to outerHTML flaw in MSIE [Was: Browser bugs hit IE, Firefox]",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/438811/100/0/threaded"
            },
            {
              "name": "oval:org.mitre.oval:def:738",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A738"
            },
            {
              "name": "20060630 Re: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/438788/100/0/threaded"
            },
            {
              "name": "18682",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18682"
            },
            {
              "name": "ADV-2006-2553",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2553"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3280",
    "datePublished": "2006-06-28T22:00:00",
    "dateReserved": "2006-06-28T00:00:00",
    "dateUpdated": "2024-08-07T18:23:21.219Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-3280\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-06-28T22:05:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker\u0027s originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka \\\"Redirect Cross-Domain Information Disclosure Vulnerability.\\\"\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de dominios cruzados en Microsoft Internet Explorer v6.0 permite a atacantes remotos acceder la informaci\u00f3n restringida desde otro dominio a trav\u00e9s de una etiqueta object con un par\u00e1metro data que referencia un enlace en el sitio original del atacante que especifica una cabecera Location HTTP que referencia un sitio objetivo, lo que luego hace que el contenido est\u00e9 disponible a trav\u00e9s del atributo outerHTML del objeto, como \\\"Redirect Cross-Domain Information Disclosure Vulnerability.\\\"\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A19F6133-25D1-44A5-B6B9-354703436783\"}]}]}],\"references\":[{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047398.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060627/3d930eda/PLEBO-2006.06.16-IE_ONE_MINOR_ONE_MAJOR.obj\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/20825\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/21396\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/internet_explorer_information_disclosure_vulnerability_test\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1016388\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/883108\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/archive/1/438785/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/438788/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/438811/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/438863/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/438864/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/439146/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/18682\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-220A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2553\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3212\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27452\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A738\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/047398.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060627/3d930eda/PLEBO-2006.06.16-IE_ONE_MINOR_ONE_MAJOR.obj\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/20825\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/21396\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/internet_explorer_information_disclosure_vulnerability_test\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016388\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/883108\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/archive/1/438785/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/438788/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/438811/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/438863/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/438864/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/439146/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/18682\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA06-220A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/2553\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3212\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27452\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A738\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.