CVE-2006-4193
Microsoft Internet Explorer 6 - 'IMSKDIC.dll' Denial of Service
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
8Exploited in Wild
-Decision
Descriptions
Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows remote attackers to cause a denial of service and possibly execute arbitrary code by instantiating COM objects as ActiveX controls, including (1) imskdic.dll (Microsoft IME), (2) chtskdic.dll (Microsoft IME), and (3) msoe.dll (Outlook), which leads to memory corruption. NOTE: it is not certain whether the issue is in Internet Explorer or the individual DLL files.
Microsoft Internet Explorer 6.0 SP1 y posiblemente otras versiones permite a atacantes remotos provocar una denegación de servicio y posiblemente ejecutar código de su elección instanciando objetos COM como controles ActiveX, incluyendo (1) imskdic.dll (Microsoft IME), (2) chtskdic.dll (Microsoft IME), y (3) msoe.dll (Outlook), lo que lleva a una corrupción de memoria. NOTA: no está confirmado si este problema está en Internet Explorer o en los archivos DLL individuales.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2006-08-15 First Exploit
- 2006-08-16 CVE Reserved
- 2006-08-17 CVE Published
- 2023-11-20 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (18)
| URL | Tag | Source |
|---|---|---|
| http://securityreason.com/securityalert/1402 | Third Party Advisory | |
| http://www.osvdb.org/29345 | Vdb Entry | |
| http://www.osvdb.org/29346 | Vdb Entry | |
| http://www.osvdb.org/29347 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/443290/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/443295/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/443299/100/0/threaded | Mailing List | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/28436 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/28438 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/28439 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/28387 | 2006-08-15 | |
| https://www.exploit-db.com/exploits/28389 | 2006-08-15 | |
| http://www.securityfocus.com/bid/19521 | 2024-08-07 | |
| http://www.securityfocus.com/bid/19529 | 2024-08-07 | |
| http://www.securityfocus.com/bid/19530 | 2024-08-07 | |
| http://www.xsec.org/index.php?module=releases&act=view&type=1&id=10 | 2024-08-07 | |
| http://www.xsec.org/index.php?module=releases&act=view&type=1&id=8 | 2024-08-07 | |
| http://www.xsec.org/index.php?module=releases&act=view&type=1&id=9 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Ie Search vendor "Microsoft" for product "Ie" | 6.0 Search vendor "Microsoft" for product "Ie" and version "6.0" | sp1 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Ie Search vendor "Microsoft" for product "Ie" | 6.0 Search vendor "Microsoft" for product "Ie" and version "6.0" | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | 6.0 Search vendor "Microsoft" for product "Internet Explorer" and version "6.0" | - |
Affected
| ||||||