Vulnerability Details CVE-2006-5162
wininet.dll in Microsoft Internet Explorer 6.0 SP2 and earlier allows remote attackers to cause a denial of service (unhandled exception and crash) via a long Content-Type header, which triggers a stack overflow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.124
EPSS Ranking 93.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2006-07/0379.html
- http://securityreason.com/securityalert/1683
- http://www.osvdb.org/29129
- http://www.securityfocus.com/bid/19092
- http://www.vupen.com/english/advisories/2006/2917
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27900
- https://www.exploit-db.com/exploits/2039
- http://archives.neohapsis.com/archives/bugtraq/2006-07/0379.html
- http://securityreason.com/securityalert/1683
- http://www.osvdb.org/29129
- http://www.securityfocus.com/bid/19092
- http://www.vupen.com/english/advisories/2006/2917
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27900
- https://www.exploit-db.com/exploits/2039
Products affected by CVE-2006-5162
-
cpe:2.3:a:microsoft:internet_explorer:5.0
-
cpe:2.3:a:microsoft:internet_explorer:5.0.1
-
cpe:2.3:a:microsoft:internet_explorer:5.5
-
cpe:2.3:a:microsoft:internet_explorer:6.0