CVE-2006-3639

Name of the Vulnerable Software and Affected Versions Microsoft Internet Explorer versions 5.01 through 6

Description A remote code execution and information disclosure issue exists in the way Internet Explorer handles redirects. This allows attackers to read cross-domain web pages and possibly execute code via specially crafted web pages. An attacker could exploit this by constructing a web page that, when viewed, could allow for information disclosure, including reading file data from another Internet Explorer domain.

Recommendations For Microsoft Internet Explorer versions 5.01 through 6, consider applying security patches or updates that address the issue of handling redirects to prevent information disclosure and remote code execution. As a temporary workaround, restrict access to potentially vulnerable web pages until a patch is available.