CVE-2006-1190 Information
Description
Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object which could cause Internet Explorer to run the object in the wrong security context or zone and allow remote attackers to execute arbitrary code.
Reference
http://secunia.com/advisories/18957 http://securitytracker.com/id?1015900 http://www.kb.cert.org/vuls/id/959649 http://www.securityfocus.com/bid/17455 http://www.vupen.com/english/advisories/2006/1318 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013 https://exchange.xforce.ibmcloud.com/vulnerabilities/25552 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1541 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1735 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1783 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A965
Share on: