Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy.
Published 2006-07-21 14:03:00
Updated 2021-07-23 12:55:04
Source MITRE
View at NVD,   CVE.org
Vulnerability category: OverflowExecute codeDenial of service

Products affected by CVE-2006-3730

Exploit prediction scoring system (EPSS) score for CVE-2006-3730

97.41%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2006-3730

  • MS06-057 Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow
    Disclosure Date: 2006-07-17
    First seen: 2020-04-26
    exploit/windows/browser/ms06_057_webview_setslice
    This module exploits a flaw in the WebViewFolderIcon ActiveX control included with Windows 2000, Windows XP, and Windows 2003. This flaw was published during the Month of Browser Bugs project (MoBB #18). Authors: - hdm <x@hdm.io>

CVSS scores for CVE-2006-3730

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
9.3
HIGH AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
NIST

CWE ids for CVE-2006-3730

  • The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
    Assigned by: nvd@nist.gov (Primary)
Jump to
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!