CyberSec.Space Logo
Back to CVE Browser

CVE-2006-1186

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0630%
EPSS Percentile8.69th
PublishedApr 11, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption.

Affected Platforms (CPE)

πŸ“¦
Microsoft

Ie

= 5.0.1
πŸ“¦
Microsoft

Ie

= 5.0.1
πŸ“¦
Microsoft

Ie

= 5.0.1
πŸ“¦
Microsoft

Ie

= 5.0.1
πŸ“¦
Microsoft

Ie

= 5.01
πŸ“¦
Microsoft

Ie

= 6
πŸ“¦
Microsoft

Internet Explorer

= 5.0.1
πŸ“¦
Microsoft

Internet Explorer

= 5.0.1
πŸ“¦
Microsoft

Internet Explorer

= 5.0.1
πŸ“¦
Microsoft

Internet Explorer

= 5.0.1
πŸ“¦
Microsoft

Internet Explorer

= 5.0.1
πŸ“¦
Microsoft

Internet Explorer

= 5.01
πŸ“¦
Microsoft

Internet Explorer

= 5.1
πŸ“¦
Microsoft

Internet Explorer

= 5.01
πŸ“¦
Microsoft

Internet Explorer

= 5.01
πŸ“¦
Microsoft

Internet Explorer

= 5.01
πŸ“¦
Microsoft

Internet Explorer

= 5.01
πŸ“¦
Microsoft

Internet Explorer

= 5.5
πŸ“¦
Microsoft

Internet Explorer

= 5.5
πŸ“¦
Microsoft

Internet Explorer

= 5.5
πŸ“¦
Microsoft

Internet Explorer

= 5.5

References & Advisories

πŸ”— http://secunia.com/advisories/18957
πŸ”— http://securitytracker.com/id?1015900
πŸ”— http://www.kb.cert.org/vuls/id/959049
πŸ”— http://www.securityfocus.com/bid/17453
πŸ”— http://www.us-cert.gov/cas/techalerts/TA06-101A.html
πŸ”— http://www.vupen.com/english/advisories/2006/1318
πŸ”— https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/25545

Related Vulnerabilities

CVE-2006-075110.0

Multiple unspecified vulnerabilities in the (1) Filesystem in USErspace (FUSE) client and (2) NOOFS daemon in in Network Object Or...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...

CVE-2006-041110.0

claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote atta...

CVE-2006-086410.0

filescan in Global Hauri ViRobot 2.0 20050817 does not verify the Cookie HTTP header, which allows remote attackers to gain admini...