Unrated severityNVD Advisory· Published Aug 8, 2006· Updated Apr 16, 2026

CVE-2006-3450

Description

Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file.

Affected products

Microsoft/Ie
cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
Microsoft/Internet Explorer
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/119180nvdPatchUS Government Resource
www.securityfocus.com/bid/19312nvdPatch
www.us-cert.gov/cas/techalerts/TA06-220A.htmlnvdPatchThird Party AdvisoryUS Government Resource
secunia.com/advisories/21396nvdVendor Advisory
www.vupen.com/english/advisories/2006/3212nvdVendor Advisory
securitytracker.com/idnvd
www.osvdb.org/27855nvd
www.securityfocus.com/archive/1/442579/100/0/threadednvd
www.zerodayinitiative.com/advisories/ZDI-06-027.htmlnvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A433nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.048
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000