Lucene search

[email protected]CVE-2006-7030

HistoryFeb 23, 2007 - 3:28 a.m.

CVE-2006-7030

2007-02-2303:28:00

[email protected]

web.nvd.nist.gov

cve-2006-7030

microsoft internet explorer

remote attackers

denial of service

crash

malformed html

applet

base tags

null pointer dereference

mshtml.dll

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7 High

AI Score

Confidence

High

0.508 Medium

EPSS

Percentile

97.5%

JSON

Microsoft Internet Explorer 6 SP2 and earlier allows remote attackers to cause a denial of service (crash) via certain malformed HTML, possibly involving applet and base tags without required arguments, which triggers a null pointer dereference in mshtml.dll.

Affected configurations

NVD

Node

microsoftwindows_2000

microsoftwindows_2003_serverMatchsp2

microsoftwindows_98gold

microsoftwindows_me

microsoftwindows_nt

microsoftwindows_vista

microsoftwindows_xpgold

AND

microsoftieMatch6.0sp2

CPENameOperatorVersion
microsoft:iemicrosoft ieeq6.0

CPE	Name	Operator	Version
microsoft:ie	microsoft ie	eq	6.0

References

securityreason.com/securityalert/2286

www.securityfocus.com/archive/1/435095/30/4710/threaded

www.securityfocus.com/archive/1/435129/30/4710/threaded

www.securityfocus.com/bid/18112

exchange.xforce.ibmcloud.com/vulnerabilities/26808

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7 High

AI Score

Confidence

High

0.508 Medium

EPSS

Percentile

97.5%

JSON

Related for CVE-2006-7030

nvd1 cvelist1