Unrated severityNVD Advisory· Published Mar 17, 2006· Updated Apr 16, 2026
CVE-2006-1245
CVE-2006-1245
Description
Buffer overflow in mshtml.dll in Microsoft Internet Explorer 6.0.2900.2180, and probably other versions, allows remote attackers to execute arbitrary code via an HTML tag with a large number of script action handlers such as onload and onmouseover, as demonstrated using onclick, aka the "Multiple Event Handler Memory Corruption Vulnerability."
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
19- secunia.com/advisories/18957nvdPatchVendor Advisory
- secunia.com/advisories/19269nvdPatchVendor Advisory
- securitytracker.com/idnvdPatch
- www.osvdb.org/23964nvdExploit
- www.securityfocus.com/bid/17131nvdExploitPatch
- www.kb.cert.org/vuls/id/984473nvdThird Party AdvisoryUS Government Resource
- www.us-cert.gov/cas/techalerts/TA06-101A.htmlnvdThird Party AdvisoryUS Government Resource
- archives.neohapsis.com/archives/bugtraq/2006-02/0855.htmlnvd
- www.securityfocus.com/archive/1/428810/100/0/threadednvd
- www.securityfocus.com/archive/1/453436/100/0/threadednvd
- www.securityfocus.com/archive/1/453554/100/0/threadednvd
- www.vupen.com/english/advisories/2006/1318nvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/25292nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1451nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1569nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1599nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1632nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1766nvd
News mentions
0No linked articles in our index yet.