CVE-2006-4627

2022-10-0316:21:31

mitre

www.cve.org

cve-2006-4627

remote attackers

denial of service

microsoft internet explorer

savefile function

crash

long computer

filename

category argument

6.7 Medium

AI Score

Confidence

High

0.056 Low

EPSS

Percentile

93.3%

JSON

System Information ActiveX control (msinfo.dll), when accessed via Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via a SaveFile function with a long (1) computer and possibly (2) filename and (3) category argument.

References

noderat.spaces.live.com/blog/cns%216ADE4614B66EADD2%211150.entry

www.blogger.com/comment.g?blogID=30557436&postID=115190809697529918

www.osvdb.org/28381