Unrated severityNVD Advisory· Published Aug 8, 2006· Updated Jun 16, 2026
CVE-2006-3638
CVE-2006-3638
Description
Microsoft Internet Explorer 5.01 and 6 does not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, as demonstrated by the Nth function in the DirectAnimation.DATuple ActiveX control, aka "COM Object Instantiation Memory Corruption Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
- (no CPE)range: 5.01, 6
Patches
Vulnerability mechanics
References
11- secunia.com/advisories/21396nvdVendor Advisory
- www.vupen.com/english/advisories/2006/3212nvdVendor Advisory
- www.kb.cert.org/vuls/id/959049nvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA06-220A.htmlnvdUS Government Resource
- securitytracker.com/idnvd
- www.osvdb.org/27852nvd
- www.securityfocus.com/archive/1/442728/100/0/threadednvd
- www.securityfocus.com/bid/19340nvd
- www.tippingpoint.com/security/advisories/TSRT-06-09.htmlnvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A719nvd
News mentions
0No linked articles in our index yet.