Описание
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."
Ссылки
- Third Party AdvisoryUS Government Resource
- US Government Resource
- US Government Resource
- Third Party AdvisoryUS Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:avaya:ip600_media_servers:*:*:*:*:*:*:*:*
cpe:2.3:a:avaya:ip600_media_servers:r6:*:*:*:*:*:*:*
cpe:2.3:a:avaya:ip600_media_servers:r7:*:*:*:*:*:*:*
cpe:2.3:a:avaya:ip600_media_servers:r8:*:*:*:*:*:*:*
cpe:2.3:a:avaya:ip600_media_servers:r9:*:*:*:*:*:*:*
cpe:2.3:a:avaya:ip600_media_servers:r10:*:*:*:*:*:*:*
cpe:2.3:a:avaya:ip600_media_servers:r11:*:*:*:*:*:*:*
cpe:2.3:a:avaya:ip600_media_servers:r12:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
cpe:2.3:h:avaya:definity_one_media_server:*:*:*:*:*:*:*:*
cpe:2.3:h:avaya:definity_one_media_server:r6:*:*:*:*:*:*:*
cpe:2.3:h:avaya:definity_one_media_server:r7:*:*:*:*:*:*:*
cpe:2.3:h:avaya:definity_one_media_server:r8:*:*:*:*:*:*:*
cpe:2.3:h:avaya:definity_one_media_server:r9:*:*:*:*:*:*:*
cpe:2.3:h:avaya:definity_one_media_server:r10:*:*:*:*:*:*:*
cpe:2.3:h:avaya:definity_one_media_server:r11:*:*:*:*:*:*:*
cpe:2.3:h:avaya:definity_one_media_server:r12:*:*:*:*:*:*:*
cpe:2.3:h:avaya:s3400:*:*:*:*:*:*:*:*
cpe:2.3:h:avaya:s8100:*:*:*:*:*:*:*:*
cpe:2.3:h:avaya:s8100:r6:*:*:*:*:*:*:*
cpe:2.3:h:avaya:s8100:r7:*:*:*:*:*:*:*
cpe:2.3:h:avaya:s8100:r8:*:*:*:*:*:*:*
cpe:2.3:h:avaya:s8100:r9:*:*:*:*:*:*:*
cpe:2.3:h:avaya:s8100:r10:*:*:*:*:*:*:*
cpe:2.3:h:avaya:s8100:r11:*:*:*:*:*:*:*
cpe:2.3:h:avaya:s8100:r12:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:avaya:modular_messaging_message_storage_server:s3400:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.81506
Высокий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."
EPSS
Процентиль: 99%
0.81506
Высокий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other