Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2006-4868

Published: 19/09/2006 Updated: 23/07/2021
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 945
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Microsoft

Vulnerability Summary

Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote malicious users to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft outlook 2003

microsoft internet_explorer 6.0

microsoft internet_explorer 5.0.1

Exploits

Exploit DB: Microsoft Internet Explorer - 'VML' Remote Buffer Overflow (SP2) (Perl)
#!/usr/bin/perl # # Microsoft Internet Explorer VML Remote Buffer Overflow (Windows XP SP2) # # Author: Trirat Puttaraksa (Kira) <trir00t [at] gmailcom> # # Credits: Niega # # [UPDATE Sep 24] # At the first time, I decide to release this exploit on Oct 10 # However, if u see this exploit before Oct 10, it is because of one # of the followin ...
Exploit DB: Microsoft Internet Explorer (Windows XP SP2) - 'VML' Remote Buffer Overflow
<!-- ::[ jamikazu presents ]:: Microsoft Internet Explorer VML Remote Buffer Overflow Exploit (0day) Works on all Windows XP versions including SP2 Author: jamikazu Mail: jamikazu@gmailcom Credit: metasploit, SkyLined invokes calcexe if successful --> <html xmlns:v="urn:schemas-microsoft-com:vml"> <head> <objec ...
Exploit DB: Microsoft Internet Explorer - 'VML' Fill Method Code Execution (MS06-055) (Metasploit)
## # $Id: ms06_055_vml_methodrb 9669 2010-07-03 03:13:45Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' cl ...

Github Repositories

https://github.com/shirkdog/exploits

Exploit code

Exploits and Shellcode Exploit code by year/CVE 2006/CVE-2006-4868/vmlDoShtml 2007/CVE-2007-0816/catirpcdosrb 2007/CVE-2007-1785/camediasvrremotepy 2007/CVE-2007-2772/caloggerdospy 2007/CVE-2007-2772/camediasvrdospy Shellcode (by OS)

References

CWE-119http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.htmlhttp://www.kb.cert.org/vuls/id/416092http://www.securityfocus.com/bid/20096http://secunia.com/advisories/21989http://www.microsoft.com/technet/security/advisory/925568.mspxhttp://securitytracker.com/id?1016879http://blogs.securiteam.com/index.php/archives/624http://www.osvdb.org/28946http://www.us-cert.gov/cas/techalerts/TA06-262A.htmlhttp://support.microsoft.com/kb/925486http://www.vupen.com/english/advisories/2006/3679https://exchange.xforce.ibmcloud.com/vulnerabilities/29004https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-055http://www.securityfocus.com/archive/1/448552/100/0/threadedhttp://www.securityfocus.com/archive/1/447070/100/0/threadedhttp://www.securityfocus.com/archive/1/446881/100/200/threadedhttp://www.securityfocus.com/archive/1/446528/100/0/threadedhttp://www.securityfocus.com/archive/1/446523/100/0/threadedhttp://www.securityfocus.com/archive/1/446505/100/0/threadedhttp://www.securityfocus.com/archive/1/446378/100/0/threadedhttps://nvd.nist.govhttps://github.com/shirkdog/exploitshttps://www.exploit-db.com/exploits/2426/https://www.kb.cert.org/vuls/id/416092
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654CVE-2023-49606encryptionNULL pointer dereferenceCVE-2024-4439CVE-2024-4649race conditionCVE-2024-27202CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook