Vulnerability Details : CVE-2006-1190
Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code.
Vulnerability category: Execute code
Products affected by CVE-2006-1190
- cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-1190
89.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-1190
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2006-1190
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/25552
-
http://www.kb.cert.org/vuls/id/959649
US Government Resource
-
http://securitytracker.com/id?1015900
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013
-
http://www.securityfocus.com/bid/17455
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A965
-
http://www.vupen.com/english/advisories/2006/1318
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1541
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1735
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1783
Jump to