← Back

CVE-2006-3873

nvd nist
Published: Sep 12, 2006Modified: Apr 16, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions the MS06-042 patch before 20060912, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a GZIP-encoded website that was the target of an HTTP redirect, due to an incomplete fix for CVE-2006-3869.

Affected (10)

Microsoft
4 products
Ie
Windows 2000
Windows 2003 Server
Windows Xp
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Ie
Version 6.0 sp1
Configuration B
9 vulnerable
Vulnerable SoftwareAffected Versions
Windows 2000
All versions
Microsoft
Windows 2003 Server
Version 64-bit
Windows 2003 Server
Version itanium
Windows 2003 Server
Version r2
Windows 2003 Server
Version sp1
Windows 2003 Server
Version sp1
Microsoft
Windows Xp
All versions
Windows Xp
All versions
Windows Xp
All versions

References (18)

Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
PatchURL Repurposed
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchURL Repurposed
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.