Vulnerability Details CVE-2006-4495
Microsoft Internet Explorer allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Windows 2000 ActiveX COM Objects including (1) ciodm.dll, (2) myinfo.dll, (3) msdxm.ocx, and (4) creator.dll.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.546
EPSS Ranking 97.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://securityreason.com/securityalert/1474
- http://www.securityfocus.com/archive/1/443896/100/100/threaded
- http://www.securityfocus.com/bid/19636
- http://www.xsec.org/index.php?module=Releases&act=view&type=1&id=16
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28512
- http://securityreason.com/securityalert/1474
- http://www.securityfocus.com/archive/1/443896/100/100/threaded
- http://www.securityfocus.com/bid/19636
- http://www.xsec.org/index.php?module=Releases&act=view&type=1&id=16
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28512
Products affected by CVE-2006-4495
-
cpe:2.3:a:microsoft:ie:6.0
-
cpe:2.3:o:microsoft:windows_2003_server:2000_server
-
cpe:2.3:o:microsoft:windows_2003_server:advanced_server
-
cpe:2.3:o:microsoft:windows_2003_server:datacenter_server
-
cpe:2.3:o:microsoft:windows_2003_server:professional