Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1186

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2006-1186
Last Modified 07 Mar 2011 09:32:20
Published 11 Apr 2006 07:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1186

Summary

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption.

Vulnerable Systems

Application

  • Microsoft Ie 5.0.1

  • Microsoft Ie 5.01

  • Microsoft Ie 5.1

  • Microsoft Ie 5.5

  • Microsoft Ie 6


References

CERT - TA06-101A

CERT-VN - VU#959049

SECUNIA - 18957

VUPEN - ADV-2006-1318

BID - 17453

MS - MS06-013

XF - ie-com-activex-execute-code(25545)

SECTRACK - 1015900


Last Updated: 27 May 2016 10:41:58