CVE-2006-1189

2006-04-1123:02:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2006-1189

buffer overflow

urlmon.dll

microsoft internet explorer

remote code execution

idn

double byte character parsing memory corruption vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.924 High

EPSS

Percentile

99.0%

JSON

Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the “Double Byte Character Parsing Memory Corruption Vulnerability.”

Affected configurations

NVD

Node

microsoftinternet_explorerMatch5.01

microsoftinternet_explorerMatch5.1

microsoftinternet_explorerMatch5.5

microsoftinternet_explorerMatch6.0

CPENameOperatorVersion
microsoft:internet_explorermicrosoft internet explorereq5.01
microsoft:internet_explorermicrosoft internet explorereq5.1
microsoft:internet_explorermicrosoft internet explorereq5.5
microsoft:internet_explorermicrosoft internet explorereq6.0

CPE	Name	Operator	Version
microsoft:internet_explorer	microsoft internet explorer	eq	5.01
microsoft:internet_explorer	microsoft internet explorer	eq	5.1
microsoft:internet_explorer	microsoft internet explorer	eq	5.5
microsoft:internet_explorer	microsoft internet explorer	eq	6.0