Vulnerability Details CVE-2006-3450
Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.638
EPSS Ranking 98.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/21396
- http://securitytracker.com/id?1016663
- http://www.kb.cert.org/vuls/id/119180
- http://www.osvdb.org/27855
- http://www.securityfocus.com/archive/1/442579/100/0/threaded
- http://www.securityfocus.com/bid/19312
- http://www.us-cert.gov/cas/techalerts/TA06-220A.html
- http://www.vupen.com/english/advisories/2006/3212
- http://www.zerodayinitiative.com/advisories/ZDI-06-027.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A433
- http://secunia.com/advisories/21396
- http://securitytracker.com/id?1016663
- http://www.kb.cert.org/vuls/id/119180
- http://www.osvdb.org/27855
- http://www.securityfocus.com/archive/1/442579/100/0/threaded
- http://www.securityfocus.com/bid/19312
- http://www.us-cert.gov/cas/techalerts/TA06-220A.html
- http://www.vupen.com/english/advisories/2006/3212
- http://www.zerodayinitiative.com/advisories/ZDI-06-027.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A433
Products affected by CVE-2006-3450
-
cpe:2.3:a:microsoft:ie:6.0
-
cpe:2.3:a:microsoft:internet_explorer:6.0