Описание
Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file.
Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-3450
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A433
- http://secunia.com/advisories/21396
- http://securitytracker.com/id?1016663
- http://www.kb.cert.org/vuls/id/119180
- http://www.osvdb.org/27855
- http://www.securityfocus.com/archive/1/442579/100/0/threaded
- http://www.securityfocus.com/bid/19312
- http://www.us-cert.gov/cas/techalerts/TA06-220A.html
- http://www.vupen.com/english/advisories/2006/3212
- http://www.zerodayinitiative.com/advisories/ZDI-06-027.html
Связанные уязвимости
Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file.