Vulnerability Details : CVE-2006-3730
Public exploit exists!
Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy.
Vulnerability category: Overflow, Execute code, Denial of service
Products affected by CVE-2006-3730
- cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-3730
- 97.41%: Probability of exploitation activity in the next 30 days
- ~ 100 %: Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2006-3730
- MS06-057 Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow
  - Disclosure Date: 2006-07-17
  - First seen: 2020-04-26
  - Module: exploit/windows/browser/ms06_057_webview_setslice
  - This module exploits a flaw in the WebViewFolderIcon ActiveX control included with Windows 2000, Windows XP, and Windows 2003. This flaw was published during the Month of Browser Bugs project (MoBB #18).
  - Authors: hdm <x@hdm.io>
CVSS scores for CVE-2006-3730
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3 | HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C | 8.6 | 10.0 | NIST | |
CWE ids for CVE-2006-3730
- The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. Assigned by: nvd@nist.gov (Primary)
References for CVE-2006-3730
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27804
- http://www.securityfocus.com/archive/1/447490/100/0/threaded
- http://www.vupen.com/english/advisories/2006/2882 (Vendor Advisory)
- http://www.us-cert.gov/cas/techalerts/TA06-270A.html (US Government Resource)
- http://www.securityfocus.com/archive/1/449179/100/0/threaded
- http://browserfun.blogspot.com/2006/07/mobb-18-webviewfoldericon-setslice.html (Exploit)
- http://www.securityfocus.com/archive/1/447426/100/0/threaded
- http://www.kb.cert.org/vuls/id/753044 (US Government Resource)
- https://www.exploit-db.com/exploits/2440
- http://isc.sans.org/diary.php?storyid=1742
- http://securitytracker.com/id?1016941
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-057
- http://www.securityfocus.com/archive/1/447383/100/100/threaded
- http://riosec.com/msie-setslice-vuln
- http://www.securityfocus.com/archive/1/447174/100/0/threaded
- http://www.us-cert.gov/cas/techalerts/TA06-283A.html (US Government Resource)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A339
- http://www.securityfocus.com/bid/19030 (Microsoft WebViewFolderIcon ActiveX Control Buffer Overflow Vulnerability; Exploit)