CVE-2006-2385

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption when it is saved as a multipart HTML (.mht) file.

Published: Jun 13, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-2385
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
microsoft / ie	6.0-sp1	6.0-sp1.x
microsoft / internet_explorer	5.01-sp4	5.01-sp4.x

http://secunia.com/advisories/20595
http://securitytracker.com/id?1016291
http://www.osvdb.org/26446
http://www.securityfocus.com/bid/18320
http://www.vupen.com/english/advisories/2006/2319
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-021
https://exchange.xforce.ibmcloud.com/vulnerabilities/26782
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1167
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1423
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1609
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1665
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1911
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1916

Vulnerability Database

290,301

CVE-2006-2385