CVE-2006-5579: Buffer Overflow
First published: Tue Dec 12 2006(Updated: )
Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using JavaScript to cause certain errors simultaneously, which results in the access of previously freed memory, aka "Script Error Handling Memory Corruption Vulnerability."
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows Server 2003 | =sp1 | |
| Internet Explorer | =6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/secunia_research/2006-58/advisory/
- http://www.kb.cert.org/vuls/id/599832
- http://securitytracker.com/id?1017373
- http://secunia.com/advisories/20807
- http://www.osvdb.org/30813
- http://www.securityfocus.com/bid/21552
- http://www.us-cert.gov/cas/techalerts/TA06-346A.html
- http://www.vupen.com/english/advisories/2006/4966
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A761
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-072
- http://www.securityfocus.com/archive/1/454969/100/200/threaded
- http://www.securityfocus.com/archive/1/454205/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2006-5579?
CVE-2006-5579 has a critical severity rating due to the potential for remote code execution.
How do I fix CVE-2006-5579?
To fix CVE-2006-5579, it is recommended to upgrade to a newer version of Internet Explorer or apply the latest security patches provided by Microsoft.
What systems are affected by CVE-2006-5579?
CVE-2006-5579 primarily affects Microsoft Internet Explorer 6.
What type of vulnerability is CVE-2006-5579?
CVE-2006-5579 is a memory corruption vulnerability that can be exploited through JavaScript.
Can CVE-2006-5579 be exploited without user interaction?
Yes, CVE-2006-5579 can potentially be exploited through malicious web pages without user interaction.
- collector/nvd-historical
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft windows server 2003
- version/microsoft windows server 2003/sp1
- canonical/internet explorer
- version/internet explorer/6