CVE-2006-4868
CVE-2006-4868
Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag.
Productos afectados
n/a · n/aPoCs públicas encontradas — 3
exploitdbwww.exploit-db.com/exploits/2425no verificadoexploitdbwww.exploit-db.com/exploits/16597no verificadoexploitdbwww.exploit-db.com/exploits/2426no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://blogs.securiteam.com/index.php/archives/624https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-055http://secunia.com/advisories/21989http://securitytracker.com/id?1016879https://exchange.xforce.ibmcloud.com/vulnerabilities/29004https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.htmlhttp://support.microsoft.com/kb/925486http://www.kb.cert.org/vuls/id/416092http://www.microsoft.com/technet/security/advisory/925568.mspxhttp://www.osvdb.org/28946http://www.securityfocus.com/archive/1/446378/100/0/threaded