CVE-2006-3450 Information
Description
Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file.
Reference
http://secunia.com/advisories/21396 http://securitytracker.com/id?1016663 http://www.kb.cert.org/vuls/id/119180 http://www.osvdb.org/27855 http://www.securityfocus.com/archive/1/442579/100/0/threaded http://www.securityfocus.com/bid/19312 http://www.us-cert.gov/cas/techalerts/TA06-220A.html http://www.vupen.com/english/advisories/2006/3212 http://www.zerodayinitiative.com/advisories/ZDI-06-027.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A433
Share on: