PT-2006-5036 · Microsoft · Internet Explorer 6.0+1

Nop

Published

2006-08-18

Updated

2018-10-17

CVE-2006-4219

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Microsoft Windows 2003 EE SP1 CN Internet Explorer 6.0 SP1

Description The issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by instantiating the Terminal Services COM object (tsuserex.dll) as an ActiveX object in Internet Explorer.

Recommendations For Microsoft Windows 2003 EE SP1 CN, update the system to prevent exploitation. For Internet Explorer 6.0 SP1, avoid instantiating the Terminal Services COM object (tsuserex.dll) as an ActiveX object until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-4219

Affected Products

Internet Explorer 6.0

Windows 2003

PT-2006-5036 · Microsoft · Internet Explorer 6.0+1

CVE-2006-4219

Related Identifiers

Affected Products

References · 7