CVE Vulnerabilities

CVE-2006-1190

Published: Apr 11, 2006 | Modified: Jul 23, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code.

Affected Software

Name Vendor Start Version End Version
Internet_explorer Microsoft 5.01 5.01
Internet_explorer Microsoft 5.5 5.5
Internet_explorer Microsoft 5.1 5.1
Internet_explorer Microsoft 6.0 6.0

References