CVE-2006-4193
First published: Thu Aug 17 2006(Updated: )
Microsoft Internet Explorer 6.0 SP1 and possibly other versions allows remote attackers to cause a denial of service and possibly execute arbitrary code by instantiating COM objects as ActiveX controls, including (1) imskdic.dll (Microsoft IME), (2) chtskdic.dll (Microsoft IME), and (3) msoe.dll (Outlook), which leads to memory corruption. NOTE: it is not certain whether the issue is in Internet Explorer or the individual DLL files.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Internet Explorer | =6.0-sp1 | |
| Microsoft Internet Explorer | =6.0-sp2 | |
| Internet Explorer | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.xsec.org/index.php?module=releases&act=view&type=1&id=10
- http://www.xsec.org/index.php?module=releases&act=view&type=1&id=8
- http://www.xsec.org/index.php?module=releases&act=view&type=1&id=9
- http://www.securityfocus.com/bid/19521
- http://www.securityfocus.com/bid/19529
- http://www.securityfocus.com/bid/19530
- http://www.osvdb.org/29345
- http://www.osvdb.org/29346
- http://www.osvdb.org/29347
- http://securityreason.com/securityalert/1402
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28439
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28438
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28436
- http://www.securityfocus.com/archive/1/443299/100/0/threaded
- http://www.securityfocus.com/archive/1/443295/100/0/threaded
- http://www.securityfocus.com/archive/1/443290/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2006-4193?
CVE-2006-4193 is rated as a high-severity vulnerability due to its potential to allow remote code execution and denial of service.
How do I fix CVE-2006-4193?
To mitigate CVE-2006-4193, it is recommended to update Microsoft Internet Explorer to the latest version available or apply the appropriate security patches provided by Microsoft.
Which versions of Internet Explorer are affected by CVE-2006-4193?
CVE-2006-4193 affects Microsoft Internet Explorer 6.0 SP1 and SP2, as well as other potential versions of Internet Explorer 6.0.
What are the consequences of exploiting CVE-2006-4193?
Exploitation of CVE-2006-4193 can lead to system crashes, data loss, and unauthorized access to sensitive information by executing arbitrary code.
Is CVE-2006-4193 still relevant today?
While CVE-2006-4193 is an older vulnerability, it highlights the importance of keeping software updated, as unsupported versions may still be in use on legacy systems.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft internet explorer
- version/microsoft internet explorer/6.0-sp1
- version/microsoft internet explorer/6.0-sp2
- canonical/internet explorer
- version/internet explorer/6.0