Details of VAR-200604-0209

ID

VAR-200604-0209

CVE

CVE-2006-1185

TITLE

RDS.Dataspace ActiveX control bypasses ActiveX security model

Trust: 0.8

sources: CERT/CC: VU#234812

DESCRIPTION

Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via certain invalid HTML that causes memory corruption. This can cause a variety of impacts, such as causing IE to crash. Microsoft Internet Explorer (IE) fails to properly handle HTA files. This vulnerability occurs when the browser parses invalid HTML. Attackers can exploit this vulnerability through a malicious web page or HTML email. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-101A Microsoft Windows and Internet Explorer Vulnerabilities Original release date: April 11, 2006 Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows * Microsoft Internet Explorer For more complete information, refer to the Microsoft Security Bulletin Summary for April 2006. I. Description Microsoft Security Bulletin Summary for April 2006 addresses vulnerabilities in Microsoft Windows and Internet Explorer. (CVE-2006-0012) II. If the user is logged on with administrative privileges, the attacker could take complete control of an affected system. An attacker may also be able to cause a denial of service. III. Solution Apply Updates Microsoft has provided updates for these vulnerabilities in the Security Bulletins and on the Microsoft Update site. Workarounds Please see the US-CERT Vulnerability Notes for workarounds. Many of these vulnerabilities can be mitigated by following the instructions listed in the Securing Your Web Browser document. Appendix A. References * Microsoft Security Bulletin Summary for April 2006 - <http://www.microsoft.com/technet/security/bulletin/ms06-apr.mspx> * US-CERT Vulnerability Note VU#876678 - <http://www.kb.cert.org/vuls/id/876678> * US-CERT Vulnerability Note VU#984473 - <http://www.kb.cert.org/vuls/id/984473> * US-CERT Vulnerability Note VU#434641 - <http://www.kb.cert.org/vuls/id/434641> * US-CERT Vulnerability Note VU#503124 - <http://www.kb.cert.org/vuls/id/503124> * US-CERT Vulnerability Note VU#959049 - <http://www.kb.cert.org/vuls/id/959049> * US-CERT Vulnerability Note VU#824324 - <http://www.kb.cert.org/vuls/id/824324> * US-CERT Vulnerability Note VU#341028 - <http://www.kb.cert.org/vuls/id/341028> * US-CERT Vulnerability Note VU#234812 - <http://www.kb.cert.org/vuls/id/234812> * US-CERT Vulnerability Note VU#641460 - <http://www.kb.cert.org/vuls/id/641460> * CVE-2006-1359 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1359> * CVE-2006-1245 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1245> * CVE-2006-1388 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1388> * CVE-2006-1185 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1185> * CVE-2006-1186 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1186> * CVE-2006-1188 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1188> * CVE-2006-1189 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1189> * CVE-2006-0003 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0003> * CVE-2006-0012 - <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0012> * Microsoft Update - <https://update.microsoft.com/microsoftupdate> * Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/#Internet_Ex plorer> ____________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA06-101A.html> ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA06-101A Feedback VU#876678" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History Apr 11, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBRDwj9n0pj593lg50AQInJggAoOBNa20SU8JukBoK5elr5vWOLcAjycHt Cg0+064ncCpQXoWiYPrLGVzg4/MCTVUygbYl85cePp5cHSHqpfuYXoBuZwSKu36+ olQdkbU1ejViA8A0XPsQ3EgtIRlDZSgL1ncYlRM8QxK8CF7QV616ta8q6H/3EDMM i+tXy6gzQMqJeUthopzGcfpf6U5Qu9PCk/+Pj66GfFhHpARanLef2H28WFRazC+I R+vLGLFLV0gp1Iy7t267l1BhN1w1z+fXD0WwYkiTwb0mzeize8Amdqlb5c4Vn4wh HAF/XGiCe5qkMhM7kRLA70JsNfSkI38JPHWSo9/a04wFBKENCAwNpA== =w6IC -----END PGP SIGNATURE----- . ---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Internet Explorer "javaprxy.dll" Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA15891 VERIFY ADVISORY: http://secunia.com/advisories/15891/ CRITICAL: Highly critical IMPACT: DoS, System access WHERE: >From remote SOFTWARE: Microsoft Internet Explorer 6.x http://secunia.com/product/11/ Microsoft Internet Explorer 5.5 http://secunia.com/product/10/ Microsoft Internet Explorer 5.01 http://secunia.com/product/9/ DESCRIPTION: SEC Consult has reported a vulnerability in Microsoft Internet Explorer, which potentially can be exploited by malicious people to compromise a user's system. This can be exploited via a malicious web site to cause a memory corruption. The vulnerability has been reported in versions 5.01, 5.5, and 6.0. SOLUTION: The vendor recommends setting Internet and Local intranet security zone settings to "High". PROVIDED AND/OR DISCOVERED BY: sk0L and Martin Eiszner, SEC Consult. ORIGINAL ADVISORY: Microsoft: http://www.microsoft.com/technet/security/advisory/903144.mspx SEC Consult: http://www.sec-consult.com/184.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 9.36

sources: NVD: CVE-2006-1185 // CERT/CC: VU#234812 // CERT/CC: VU#876678 // CERT/CC: VU#680526 // CERT/CC: VU#984473 // CERT/CC: VU#641460 // CERT/CC: VU#341028 // CERT/CC: VU#503124 // CERT/CC: VU#434641 // CERT/CC: VU#740372 // CERT/CC: VU#939605 // JVNDB: JVNDB-2006-000172 // BID: 17450 // VULHUB: VHN-17293 // PACKETSTORM: 45345 // PACKETSTORM: 38386

AFFECTED PRODUCTS

vendor:	microsoft	model:	-	scope:	-	version:	-	Trust: 7.2
vendor:	microsoft	model:	ie	scope:	eq	version:	6	Trust: 1.6
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	6	Trust: 1.0
vendor:	microsoft	model:	ie	scope:	eq	version:	5.01	Trust: 1.0
vendor:	canon	model:	network camera server vb101	scope:	eq	version:	*	Trust: 1.0
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	5.01	Trust: 0.8
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	6 for windows server 2003	Trust: 0.8
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	6 for windows server 2003 for itanium-based systems	Trust: 0.8
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	6 for windows server 2003 x64 edition	Trust: 0.8
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	6 for windows xp	Trust: 0.8
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	6 for windows xp professional x64 edition	Trust: 0.8
vendor:	microsoft	model:	internet explorer sp4	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	microsoft	model:	internet explorer sp3	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	microsoft	model:	internet explorer sp2	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	microsoft	model:	internet explorer sp1	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	microsoft	model:	internet explorer for windows nt	scope:	eq	version:	5.0.14.0	Trust: 0.3
vendor:	microsoft	model:	internet explorer for windows	scope:	eq	version:	5.0.198	Trust: 0.3
vendor:	microsoft	model:	internet explorer for windows	scope:	eq	version:	5.0.195	Trust: 0.3
vendor:	microsoft	model:	internet explorer for windows	scope:	eq	version:	5.0.12000	Trust: 0.3
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	5.0.1	Trust: 0.3
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	6.0	Trust: 0.3
vendor:	microsoft	model:	internet explorer for windows	scope:	eq	version:	5.098	Trust: 0.3

sources: CERT/CC: VU#234812 // CERT/CC: VU#876678 // CERT/CC: VU#680526 // CERT/CC: VU#641460 // CERT/CC: VU#341028 // CERT/CC: VU#503124 // CERT/CC: VU#434641 // CERT/CC: VU#740372 // CERT/CC: VU#939605 // BID: 17450 // JVNDB: JVNDB-2006-000172 // CNNVD: CNNVD-200604-144 // NVD: CVE-2006-1185

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-1185
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#876678
value:	35.63
Trust: 0.8
CARNEGIE MELLON:	VU#680526
value:	28.35
Trust: 0.8
CARNEGIE MELLON:	VU#984473
value:	23.01
Trust: 0.8
CARNEGIE MELLON:	VU#641460
value:	27.00
Trust: 0.8
CARNEGIE MELLON:	VU#341028
value:	32.40
Trust: 0.8
CARNEGIE MELLON:	VU#503124
value:	29.70
Trust: 0.8
CARNEGIE MELLON:	VU#434641
value:	25.50
Trust: 0.8
CARNEGIE MELLON:	VU#740372
value:	10.13
Trust: 0.8
CARNEGIE MELLON:	VU#939605
value:	44.55
Trust: 0.8
NVD:	CVE-2006-1185
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200604-144
value:	HIGH
Trust: 0.6
VULHUB:	VHN-17293
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2006-1185
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-17293
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#876678 // CERT/CC: VU#680526 // CERT/CC: VU#984473 // CERT/CC: VU#641460 // CERT/CC: VU#341028 // CERT/CC: VU#503124 // CERT/CC: VU#434641 // CERT/CC: VU#740372 // CERT/CC: VU#939605 // VULHUB: VHN-17293 // JVNDB: JVNDB-2006-000172 // CNNVD: CNNVD-200604-144 // NVD: CVE-2006-1185

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-1185

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200604-144

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200604-144

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-000172

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-17293

PATCH

title:	MS06-013	url:	http://www.microsoft.com/technet/security/bulletin/ms06-013.mspx	Trust: 0.8
title:	MS06-013	url:	http://www.microsoft.com/japan/technet/security/bulletin/ms06-013.mspx	Trust: 0.8

sources: JVNDB: JVNDB-2006-000172

EXTERNAL IDS

db:	CERT/CC	id:	VU#503124	Trust: 3.4
db:	NVD	id:	CVE-2006-1185	Trust: 2.9
db:	BID	id:	17450	Trust: 2.8
db:	USCERT	id:	TA06-101A	Trust: 2.6
db:	SECUNIA	id:	18957	Trust: 2.5
db:	CERT/CC	id:	VU#959049	Trust: 1.7
db:	VUPEN	id:	ADV-2006-1318	Trust: 1.7
db:	SECTRACK	id:	1015900	Trust: 1.7
db:	CERT/CC	id:	VU#740372	Trust: 1.6
db:	CERT/CC	id:	VU#939605	Trust: 1.6
db:	CERT/CC	id:	VU#680526	Trust: 1.6
db:	CERT/CC	id:	VU#234812	Trust: 0.9
db:	CERT/CC	id:	VU#876678	Trust: 0.9
db:	CERT/CC	id:	VU#984473	Trust: 0.9
db:	CERT/CC	id:	VU#641460	Trust: 0.9
db:	CERT/CC	id:	VU#341028	Trust: 0.9
db:	CERT/CC	id:	VU#434641	Trust: 0.9
db:	SECUNIA	id:	15891	Trust: 0.9
db:	SECUNIA	id:	19583	Trust: 0.8
db:	SECUNIA	id:	18680	Trust: 0.8
db:	SECUNIA	id:	16373	Trust: 0.8
db:	SECUNIA	id:	19269	Trust: 0.8
db:	SECUNIA	id:	19606	Trust: 0.8
db:	SECUNIA	id:	19378	Trust: 0.8
db:	BID	id:	17181	Trust: 0.8
db:	BID	id:	14594	Trust: 0.8
db:	XF	id:	21895	Trust: 0.8
db:	SECTRACK	id:	1014727	Trust: 0.8
db:	SECUNIA	id:	16480	Trust: 0.8
db:	XF	id:	21193	Trust: 0.8
db:	BID	id:	14087	Trust: 0.8
db:	OSVDB	id:	17680	Trust: 0.8
db:	SECTRACK	id:	1014329	Trust: 0.8
db:	USCERT	id:	SA06-101A	Trust: 0.8
db:	JVNDB	id:	JVNDB-2006-000172	Trust: 0.8
db:	CNNVD	id:	CNNVD-200604-144	Trust: 0.6
db:	EXPLOIT-DB	id:	1838	Trust: 0.1
db:	VULHUB	id:	VHN-17293	Trust: 0.1
db:	CERT/CC	id:	VU#824324	Trust: 0.1
db:	PACKETSTORM	id:	45345	Trust: 0.1
db:	PACKETSTORM	id:	38386	Trust: 0.1

sources: CERT/CC: VU#234812 // CERT/CC: VU#876678 // CERT/CC: VU#680526 // CERT/CC: VU#984473 // CERT/CC: VU#641460 // CERT/CC: VU#341028 // CERT/CC: VU#503124 // CERT/CC: VU#434641 // CERT/CC: VU#740372 // CERT/CC: VU#939605 // VULHUB: VHN-17293 // BID: 17450 // JVNDB: JVNDB-2006-000172 // PACKETSTORM: 45345 // PACKETSTORM: 38386 // CNNVD: CNNVD-200604-144 // NVD: CVE-2006-1185

REFERENCES

url:	http://www.microsoft.com/technet/security/bulletin/ms06-013.mspx	Trust: 2.7
url:	http://www.securityfocus.com/bid/17450	Trust: 2.5
url:	http://www.us-cert.gov/cas/techalerts/ta06-101a.html	Trust: 2.5
url:	http://www.kb.cert.org/vuls/id/503124	Trust: 2.5
url:	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013	Trust: 1.7
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1677	Trust: 1.7
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1711	Trust: 1.7
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a787	Trust: 1.7
url:	http://securitytracker.com/id?1015900	Trust: 1.7
url:	http://secunia.com/advisories/18957	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2006/1318	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/25542	Trust: 1.7
url:	http://www.kb.cert.org/vuls/id/959049	Trust: 1.6
url:	http://www.microsoft.com/technet/security/bulletin/ms05-052.mspx	Trust: 1.6
url:	http://www.microsoft.com/technet/security/bulletin/ms05-037.mspx	Trust: 1.6
url:	about vulnerability notes	Trust: 1.6
url:	contact us about this vulnerability	Trust: 1.6
url:	provide a vendor statement	Trust: 1.6
url:	http://www.microsoft.com/technet/security/advisory/903144.mspx	Trust: 0.9
url:	http://www.sec-consult.com/184.html	Trust: 0.9
url:	http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx	Trust: 0.8
url:	http://secunia.com/advisories/19583/	Trust: 0.8
url:	http://msdn.microsoft.com/archive/default.asp?url=/archive/en-us/dnarmdac/html/msdn_remtdata.asp	Trust: 0.8
url:	http://www.microsoft.com/technet/security/advisory/917077.mspx	Trust: 0.8
url:	http://secunia.com/advisories/18680/	Trust: 0.8
url:	http://blogs.technet.com/msrc/archive/2006/03/22/422849.aspx	Trust: 0.8
url:	http://msdn.microsoft.com/workshop/author/dhtml/reference/methods/createtextrange.asp	Trust: 0.8
url:	http://www.microsoft.com/com/default.mspx	Trust: 0.8
url:	http://msdn.microsoft.com/library/default.asp?url=/workshop/components/activex/activex_node_entry.asp	Trust: 0.8
url:	http://support.microsoft.com/kb/159621	Trust: 0.8
url:	http://support.microsoft.com/kb/216434	Trust: 0.8
url:	http://www.securityfocus.com/archive/1/391803	Trust: 0.8
url:	http://www.kb.cert.org/vuls/id/939605	Trust: 0.8
url:	http://www.kb.cert.org/vuls/id/740372	Trust: 0.8
url:	http://www.microsoft.com/technet/security/bulletin/ms05-054.mspx	Trust: 0.8
url:	http://www.microsoft.com/technet/security/bulletin/ms05-038.mspx	Trust: 0.8
url:	http://secunia.com/advisories/16373/	Trust: 0.8
url:	http://secunia.com/advisories/19269/	Trust: 0.8
url:	http://www.microsoft.com/technet/security/bulletin/ms06-015.mspx	Trust: 0.8
url:	http://support.microsoft.com/kb/918165	Trust: 0.8
url:	http://secunia.com/advisories/19606/	Trust: 0.8
url:	http://jeffrey.vanderstad.net/grasshopper/	Trust: 0.8
url:	http://secunia.com/advisories/19378/	Trust: 0.8
url:	http://www.securityfocus.com/bid/17181	Trust: 0.8
url:	http://www.microsoft.com/technet/security/advisory/906267.mspx	Trust: 0.8
url:	http://www.kb.cert.org/vuls/id/680526	Trust: 0.8
url:	http://secunia.com/advisories/16480/	Trust: 0.8
url:	http://www.securityfocus.com/bid/14594	Trust: 0.8
url:	http://www.securitytracker.com/alerts/2005/aug/1014727.html	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/21895	Trust: 0.8
url:	http://secunia.com/advisories/15891/	Trust: 0.8
url:	http://www.securitytracker.com/alerts/2005/jun/1014329.html	Trust: 0.8
url:	http://www.osvdb.org/displayvuln.php?osvdb_id=17680	Trust: 0.8
url:	http://www.securityfocus.com/bid/14087	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/21193	Trust: 0.8
url:	http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33120	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1185	Trust: 0.8
url:	http://www.frsirt.com/english/advisories/2006/1318	Trust: 0.8
url:	http://jvn.jp/cert/jvnta06-101a/index.html	Trust: 0.8
url:	http://jvn.jp/tr/trta06-101a/	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-1185	Trust: 0.8
url:	http://secunia.com/advisories/18957/	Trust: 0.8
url:	http://www.us-cert.gov/cas/alerts/sa06-101a.html	Trust: 0.8
url:	http://xforce.iss.net/xforce/alerts/id/217	Trust: 0.8
url:	http://xforce.iss.net/xforce/alerts/id/220	Trust: 0.8
url:	http://www.mozilla.com/	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/641460>	Trust: 0.1
url:	https://update.microsoft.com/microsoftupdate>	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1189>	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-0003>	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1185>	Trust: 0.1
url:	http://www.kb.cert.org/vuls/id/984473>	Trust: 0.1
url:	http://www.kb.cert.org/vuls/id/341028>	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1388>	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-0012>	Trust: 0.1
url:	http://www.us-cert.gov/reading_room/securing_browser/#internet_ex	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1188>	Trust: 0.1
url:	http://www.us-cert.gov/cas/signup.html>.	Trust: 0.1
url:	http://www.kb.cert.org/vuls/id/234812>	Trust: 0.1
url:	http://www.kb.cert.org/vuls/id/434641>	Trust: 0.1
url:	http://www.kb.cert.org/vuls/id/824324>	Trust: 0.1
url:	http://www.us-cert.gov/cas/techalerts/ta06-101a.html>	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1359>	Trust: 0.1
url:	http://www.microsoft.com/technet/security/bulletin/ms06-apr.mspx>	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1245>	Trust: 0.1
url:	http://www.kb.cert.org/vuls/id/503124>	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-1186>	Trust: 0.1
url:	http://www.kb.cert.org/vuls/id/876678>	Trust: 0.1
url:	http://www.kb.cert.org/vuls/id/959049>	Trust: 0.1
url:	http://www.us-cert.gov/legal.html>	Trust: 0.1
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/10/	Trust: 0.1
url:	http://secunia.com/product/9/	Trust: 0.1
url:	http://secunia.com/product/11/	Trust: 0.1
url:	http://secunia.com/secunia_vacancies/	Trust: 0.1
url:	http://secunia.com/advisories/15891/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1

CREDITS

Jan P. Monsch jan.monsch@csnc.ch

Trust: 0.6

sources: CNNVD: CNNVD-200604-144

SOURCES

db:	CERT/CC	id:	VU#234812
db:	CERT/CC	id:	VU#876678
db:	CERT/CC	id:	VU#680526
db:	CERT/CC	id:	VU#984473
db:	CERT/CC	id:	VU#641460
db:	CERT/CC	id:	VU#341028
db:	CERT/CC	id:	VU#503124
db:	CERT/CC	id:	VU#434641
db:	CERT/CC	id:	VU#740372
db:	CERT/CC	id:	VU#939605
db:	VULHUB	id:	VHN-17293
db:	BID	id:	17450
db:	JVNDB	id:	JVNDB-2006-000172
db:	PACKETSTORM	id:	45345
db:	PACKETSTORM	id:	38386
db:	CNNVD	id:	CNNVD-200604-144
db:	NVD	id:	CVE-2006-1185

LAST UPDATE DATE

2024-09-19T22:34:15.939000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#234812	date:	2006-11-02T00:00:00
db:	CERT/CC	id:	VU#876678	date:	2006-04-11T00:00:00
db:	CERT/CC	id:	VU#680526	date:	2007-10-11T00:00:00
db:	CERT/CC	id:	VU#984473	date:	2006-04-11T00:00:00
db:	CERT/CC	id:	VU#641460	date:	2006-05-15T00:00:00
db:	CERT/CC	id:	VU#341028	date:	2006-04-11T00:00:00
db:	CERT/CC	id:	VU#503124	date:	2006-04-11T00:00:00
db:	CERT/CC	id:	VU#434641	date:	2006-04-12T00:00:00
db:	CERT/CC	id:	VU#740372	date:	2005-10-13T00:00:00
db:	CERT/CC	id:	VU#939605	date:	2005-07-12T00:00:00
db:	VULHUB	id:	VHN-17293	date:	2018-10-12T00:00:00
db:	BID	id:	17450	date:	2006-04-11T22:17:00
db:	JVNDB	id:	JVNDB-2006-000172	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200604-144	date:	2021-07-27T00:00:00
db:	NVD	id:	CVE-2006-1185	date:	2021-07-23T12:17:15.613

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#234812	date:	2006-04-11T00:00:00
db:	CERT/CC	id:	VU#876678	date:	2006-03-23T00:00:00
db:	CERT/CC	id:	VU#680526	date:	2005-08-19T00:00:00
db:	CERT/CC	id:	VU#984473	date:	2006-04-11T00:00:00
db:	CERT/CC	id:	VU#641460	date:	2006-04-11T00:00:00
db:	CERT/CC	id:	VU#341028	date:	2006-04-11T00:00:00
db:	CERT/CC	id:	VU#503124	date:	2006-04-11T00:00:00
db:	CERT/CC	id:	VU#434641	date:	2006-04-11T00:00:00
db:	CERT/CC	id:	VU#740372	date:	2005-08-18T00:00:00
db:	CERT/CC	id:	VU#939605	date:	2005-07-02T00:00:00
db:	VULHUB	id:	VHN-17293	date:	2006-04-11T00:00:00
db:	BID	id:	17450	date:	2006-04-11T00:00:00
db:	JVNDB	id:	JVNDB-2006-000172	date:	2007-04-01T00:00:00
db:	PACKETSTORM	id:	45345	date:	2006-04-12T04:12:55
db:	PACKETSTORM	id:	38386	date:	2005-07-01T23:31:00
db:	CNNVD	id:	CNNVD-200604-144	date:	2006-04-11T00:00:00
db:	NVD	id:	CVE-2006-1185	date:	2006-04-11T23:02:00