Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2383

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2006-2383
Last Modified 07 Mar 2011 09:36:05
Published 13 Jun 2006 03:06:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-2383

Summary

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a way that enables the code execution.

Vulnerable Systems

Application

  • Microsoft Ie 5.01

  • Microsoft Ie 6


References

CERT - TA06-164A

CERT-VN - VU#417585

BID - 18303

SECTRACK - 1016291

SECUNIA - 20595

XF - ie-dximagetransform-execute-code(26768)

VUPEN - ADV-2006-2319

OSVDB - 26444

MS - MS06-021


Last Updated: 27 May 2016 10:42:26