PT-2006-1145 · Microsoft · Internet Explorer

Will Dormann

Published

2006-01-27

Updated

2021-07-23

CVE-2006-0057

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 5.01, 5.5, and 6

Description: The issue allows remote attackers to bypass the Kill bit settings for dangerous ActiveX controls via unknown vectors involving crafted HTML. This can expose the browser to attacks that would otherwise be prevented by the Kill bit setting.

Recommendations: For Microsoft Internet Explorer versions 5.01, 5.5, and 6, consider applying the fix described in MS05-054 as claimed by CERT/CC, although the details of this fix are not explicitly described in MS05-054.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-0057

Affected Products

Internet Explorer

PT-2006-1145 · Microsoft · Internet Explorer

CVE-2006-0057

Related Identifiers

Affected Products

References · 6