Lucene search

[email protected]NVD:CVE-2006-7066

HistoryMar 02, 2007 - 9:18 p.m.

CVE-2006-7066

2007-03-0221:18:00

[email protected]

web.nvd.nist.gov

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.6 Medium

AI Score

Confidence

High

0.203 Low

EPSS

Percentile

96.4%

JSON

Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by creating an object inside an iframe, deleting the frame by setting its location.href to about:blank, then accessing a property of the object within the deleted frame, which triggers a NULL pointer dereference. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected.

Affected configurations

NVD

Node

microsoftwindows_xpMatch-sp2

AND

microsoftinternet_explorerMatch6.0

microsoftinternet_explorerMatch6.0sp1

microsoftinternet_explorerMatch6.0sp2

References

archives.neohapsis.com/archives/bugtraq/2009-07/0193.html

blogs.securiteam.com/index.php/archives/554

browserfun.blogspot.com/2006/07/mobb-30-orphan-object-properties.html

websecurity.com.ua/3130/

www.osvdb.org/27533

www.securityfocus.com/bid/19228

exchange.xforce.ibmcloud.com/vulnerabilities/28068

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.6 Medium

AI Score

Confidence

High

0.203 Low

EPSS

Percentile

96.4%

JSON

Related for NVD:CVE-2006-7066

cve1 cvelist1 nessus1