← Back

CVE-2006-7066

nvd nist
Published: Mar 2, 2007Modified: Apr 23, 2026

JSON object

Loading...
7.1
Vector
AV:N/AC:M/Au:N/C:N/I:N/A:C
Exploitability: 8.6 / Impact: 6.9
Source: NVD

Description

Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by creating an object inside an iframe, deleting the frame by setting its location.href to about:blank, then accessing a property of the object within the deleted frame, which triggers a NULL pointer dereference. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected.

Affected (3)

Microsoft
1 product
Internet Explorer
Configuration A
3 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Microsoft
Internet Explorer
Version 6.0
Internet Explorer
Version 6.0 sp1
Internet Explorer
Version 6.0 sp2
Running on/withPlatform Versions
Microsoft
Windows Xp
All versions

References (14)

Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Permissions Required
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
ExploitThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions Required
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.