CVE-2006-5581

Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability."

Published: Dec 12, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-5581
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / internet_explorer	-	6.x

http://secunia.com/advisories/23288
http://securitytracker.com/id?1017373
http://www.kb.cert.org/vuls/id/347448
http://www.osvdb.org/30814
http://www.securityfocus.com/archive/1/454210/100/0/threaded
http://www.securityfocus.com/archive/1/454969/100/200/threaded
http://www.securityfocus.com/bid/21546
http://www.symantec.com/security_response/writeup.jsp?docid=2006-121212-1201-99
http://www.us-cert.gov/cas/techalerts/TA06-346A.html
http://www.vupen.com/english/advisories/2006/4966
http://www.zerodayinitiative.com/advisories/ZDI-06-048.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-072
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A116

Vulnerability Database

CVE-2006-5581

Deep Security Visibility Without the Complexity