CVE-2006-5577

Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5578.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://securitytracker.com/id?1017374
http://secunia.com/advisories/23288
http://www.osvdb.org/30816
http://www.securityfocus.com/bid/21507
http://www.us-cert.gov/cas/techalerts/TA06-346A.html	US Government Resource
http://www.vupen.com/english/advisories/2006/4966
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A313
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-072
http://www.securityfocus.com/archive/1/454969/100/200/threaded

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:microsoft:ie:*:windows_server_2003_sp1:*:*:*:*:*:*

Information

Published : 2006-12-12 12:28

Updated : 2018-10-17 14:43

NVD link : CVE-2006-5577

Mitre link : CVE-2006-5577

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

microsoft

ie

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://securitytracker.com/id?1017374", "name": "1017374", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/23288", "name": "23288", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.osvdb.org/30816", "name": "30816", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.securityfocus.com/bid/21507", "name": "21507", "tags": [], "refsource": "BID"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA06-346A.html", "name": "TA06-346A", "tags": ["US Government Resource"], "refsource": "CERT"}, {"url": "http://www.vupen.com/english/advisories/2006/4966", "name": "ADV-2006-4966", "tags": [], "refsource": "VUPEN"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A313", "name": "oval:org.mitre.oval:def:313", "tags": [], "refsource": "OVAL"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-072", "name": "MS06-072", "tags": [], "refsource": "MS"}, {"url": "http://www.securityfocus.com/archive/1/454969/100/200/threaded", "name": "SSRT061288", "tags": [], "refsource": "HP"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka \"TIF Folder Information Disclosure Vulnerability,\" and a different issue than CVE-2006-5578."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-5577", "ASSIGNER": "secure@microsoft.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-12-12T20:28Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:ie:*:windows_server_2003_sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "6"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-17T21:43Z"}