Lucene search

[email protected]CVE-2006-4301

HistoryAug 23, 2006 - 1:04 a.m.

CVE-2006-4301

2006-08-2301:04:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2006-4301

microsoft

internet explorer

denial of service

crash

directx

activex

com objects

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.402 Medium

EPSS

Percentile

97.3%

JSON

Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) via a long Color attribute in multiple DirectX Media Image DirectX Transforms ActiveX COM Objects from (a) dxtmsft.dll and (b) dxtmsft3.dll, including (1) DXImageTransform.Microsoft.MaskFilter.1, (2) DXImageTransform.Microsoft.Chroma.1, and (3) DX3DTransform.Microsoft.Shapes.1.

Affected configurations

NVD

Node

microsoftieMatch6.0sp1

CPENameOperatorVersion
microsoft:iemicrosoft ieeq6.0

CPE	Name	Operator	Version
microsoft:ie	microsoft ie	eq	6.0

References

securityreason.com/securityalert/1439

www.osvdb.org/29524

www.osvdb.org/29525

www.securityfocus.com/archive/1/443907/100/0/threaded

www.securityfocus.com/bid/19640

xsec.org/index.php?module=releases&act=view&type=1&id=17

exchange.xforce.ibmcloud.com/vulnerabilities/28516

www.exploit-db.com/exploits/4251

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.9 Medium

AI Score

Confidence

High

0.402 Medium

EPSS

Percentile

97.3%

JSON

Related for CVE-2006-4301

cvelist1 nvd1