Back to search
CVE-2006-1190
Published: Apr 11, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
18957
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:1735
vdb-entry
signature
x_refsource_OVAL
1015900
vdb-entry
x_refsource_SECTRACK
17455
vdb-entry
x_refsource_BID
oval:org.mitre.oval:def:1541
vdb-entry
signature
x_refsource_OVAL
MS06-013
vendor-advisory
x_refsource_MS
ie-ioleclientsite-execute-code(25552)
vdb-entry
x_refsource_XF
ADV-2006-1318
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:965
vdb-entry
signature
x_refsource_OVAL
VU#959649
third-party-advisory
x_refsource_CERT-VN
oval:org.mitre.oval:def:1783
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now