CVE-2006-4868

Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag.
References
Link Resource
http://blogs.securiteam.com/index.php/archives/624
http://secunia.com/advisories/21989 Patch Vendor Advisory
http://securitytracker.com/id?1016879
http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.html
http://support.microsoft.com/kb/925486
http://www.kb.cert.org/vuls/id/416092 US Government Resource
http://www.microsoft.com/technet/security/advisory/925568.mspx Patch Vendor Advisory
http://www.osvdb.org/28946
http://www.securityfocus.com/archive/1/446378/100/0/threaded
http://www.securityfocus.com/archive/1/446505/100/0/threaded
http://www.securityfocus.com/archive/1/446523/100/0/threaded
http://www.securityfocus.com/archive/1/446528/100/0/threaded
http://www.securityfocus.com/archive/1/446881/100/200/threaded
http://www.securityfocus.com/archive/1/447070/100/0/threaded
http://www.securityfocus.com/archive/1/448552/100/0/threaded
http://www.securityfocus.com/archive/1/448552/100/0/threaded
http://www.securityfocus.com/bid/20096 Exploit Patch
http://www.us-cert.gov/cas/techalerts/TA06-262A.html Patch US Government Resource
http://www.vupen.com/english/advisories/2006/3679 Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-055
https://exchange.xforce.ibmcloud.com/vulnerabilities/29004
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100
http://blogs.securiteam.com/index.php/archives/624
http://secunia.com/advisories/21989 Patch Vendor Advisory
http://securitytracker.com/id?1016879
http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.html
http://support.microsoft.com/kb/925486
http://www.kb.cert.org/vuls/id/416092 US Government Resource
http://www.microsoft.com/technet/security/advisory/925568.mspx Patch Vendor Advisory
http://www.osvdb.org/28946
http://www.securityfocus.com/archive/1/446378/100/0/threaded
http://www.securityfocus.com/archive/1/446505/100/0/threaded
http://www.securityfocus.com/archive/1/446523/100/0/threaded
http://www.securityfocus.com/archive/1/446528/100/0/threaded
http://www.securityfocus.com/archive/1/446881/100/200/threaded
http://www.securityfocus.com/archive/1/447070/100/0/threaded
http://www.securityfocus.com/archive/1/448552/100/0/threaded
http://www.securityfocus.com/archive/1/448552/100/0/threaded
http://www.securityfocus.com/bid/20096 Exploit Patch
http://www.us-cert.gov/cas/techalerts/TA06-262A.html Patch US Government Resource
http://www.vupen.com/english/advisories/2006/3679 Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-055
https://exchange.xforce.ibmcloud.com/vulnerabilities/29004
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:*:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
OR cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2003:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*

History

21 Nov 2024, 00:16

Type Values Removed Values Added
References () http://blogs.securiteam.com/index.php/archives/624 - () http://blogs.securiteam.com/index.php/archives/624 -
References () http://secunia.com/advisories/21989 - Patch, Vendor Advisory () http://secunia.com/advisories/21989 - Patch, Vendor Advisory
References () http://securitytracker.com/id?1016879 - () http://securitytracker.com/id?1016879 -
References () http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.html - () http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.html -
References () http://support.microsoft.com/kb/925486 - () http://support.microsoft.com/kb/925486 -
References () http://www.kb.cert.org/vuls/id/416092 - US Government Resource () http://www.kb.cert.org/vuls/id/416092 - US Government Resource
References () http://www.microsoft.com/technet/security/advisory/925568.mspx - Patch, Vendor Advisory () http://www.microsoft.com/technet/security/advisory/925568.mspx - Patch, Vendor Advisory
References () http://www.osvdb.org/28946 - () http://www.osvdb.org/28946 -
References () http://www.securityfocus.com/archive/1/446378/100/0/threaded - () http://www.securityfocus.com/archive/1/446378/100/0/threaded -
References () http://www.securityfocus.com/archive/1/446505/100/0/threaded - () http://www.securityfocus.com/archive/1/446505/100/0/threaded -
References () http://www.securityfocus.com/archive/1/446523/100/0/threaded - () http://www.securityfocus.com/archive/1/446523/100/0/threaded -
References () http://www.securityfocus.com/archive/1/446528/100/0/threaded - () http://www.securityfocus.com/archive/1/446528/100/0/threaded -
References () http://www.securityfocus.com/archive/1/446881/100/200/threaded - () http://www.securityfocus.com/archive/1/446881/100/200/threaded -
References () http://www.securityfocus.com/archive/1/447070/100/0/threaded - () http://www.securityfocus.com/archive/1/447070/100/0/threaded -
References () http://www.securityfocus.com/archive/1/448552/100/0/threaded - () http://www.securityfocus.com/archive/1/448552/100/0/threaded -
References () http://www.securityfocus.com/bid/20096 - Exploit, Patch () http://www.securityfocus.com/bid/20096 - Exploit, Patch
References () http://www.us-cert.gov/cas/techalerts/TA06-262A.html - Patch, US Government Resource () http://www.us-cert.gov/cas/techalerts/TA06-262A.html - Patch, US Government Resource
References () http://www.vupen.com/english/advisories/2006/3679 - Vendor Advisory () http://www.vupen.com/english/advisories/2006/3679 - Vendor Advisory
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-055 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-055 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/29004 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/29004 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100 -

Information

Published : 2006-09-19 19:07

Updated : 2024-11-21 00:16


NVD link : CVE-2006-4868

Mitre link : CVE-2006-4868

CVE.ORG link : CVE-2006-4868


JSON object : View

Products Affected

microsoft

  • outlook
  • internet_explorer
  • windows_2003_server
  • windows_xp
  • windows_2000
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer