CVE-2006-3451
Microsoft Internet Explorer Multiple CSS Imports Memory Corruption Vulnerability
Public Exploits: 0
Exploited in Wild: -
Descriptions
Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors.
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to improper garbage collection when multiple "imports" are used on a "styleSheets" collection. Crafting a long chain of CSS imports in an HTML document results in a memory corruption eventually leading to code execution.
Timeline
- 2006-07-07 CVE Reserved
- 2006-08-08 CVE Published
- 2023-10-04 EPSS Updated
- 2024-08-07 CVE Updated
CWE
- CWE-20: Improper Input Validation
References (12)
URL | Tag | Source |
---|---|---|
http://securityreason.com/securityalert/1343 | Third Party Advisory | |
http://securitytracker.com/id?1016663 | Vdb Entry | |
http://www.osvdb.org/27854 | Vdb Entry | |
http://www.securityfocus.com/archive/1/442578/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/19316 | Vdb Entry | |
http://www.zerodayinitiative.com/advisories/ZDI-06-026.html | X_refsource_misc | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5 | Signature |
URL | Date | SRC |
---|---|---|
http://www.kb.cert.org/vuls/id/262004 | 2018-10-18 | |
http://www.us-cert.gov/cas/techalerts/TA06-220A.html | 2018-10-18 |
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/21396 | 2018-10-18 | |
http://www.vupen.com/english/advisories/2006/3212 | 2018-10-18 | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042 | 2018-10-18 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Microsoft | Ie | 5.0 | sp4 | Affected |
Microsoft | Ie | 6 | windows_server_2003_sp1 | Affected |