Unrated severityNVD Advisory· Published Aug 8, 2006· Updated Apr 16, 2026

CVE-2006-3637

Description

Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle various HTML layout component combinations, which allows user-assisted remote attackers to execute arbitrary code via a crafted HTML file that leads to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."

Affected products

Microsoft/Ie
cpe:2.3:a:microsoft:ie:6:windows_server_2003_sp1:*:*:*:*:*:*
Microsoft/Internet Explorer
cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/340060nvdPatchUS Government Resource
www.us-cert.gov/cas/techalerts/TA06-220A.htmlnvdPatchUS Government Resource
secunia.com/advisories/21396nvd
securitytracker.com/idnvd
www.osvdb.org/27853nvd
www.vupen.com/english/advisories/2006/3212nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A502nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.062
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000