CVE-2006-0057
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
27/01/2006
Last modified:
03/04/2025
Description
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to bypass the Kill bit settings for dangerous ActiveX controls via unknown vectors involving crafted HTML, which can expose the browser to attacks that would otherwise be prevented by the Kill bit setting. NOTE: CERT/CC claims that MS05-054 fixes this issue, but it is not described in MS05-054.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.kb.cert.org/vuls/id/998297
- http://www.microsoft.com/technet/security/bulletin/ms05-054.mspx
- http://www.osvdb.org/23657
- http://www.securityfocus.com/bid/16409
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24379
- http://www.kb.cert.org/vuls/id/998297
- http://www.microsoft.com/technet/security/bulletin/ms05-054.mspx
- http://www.osvdb.org/23657
- http://www.securityfocus.com/bid/16409
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24379