Unrated severityNVD Advisory· Published Sep 12, 2006· Updated Jun 16, 2026
CVE-2006-3873
CVE-2006-3873
Description
Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions the MS06-042 patch before 20060912, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a GZIP-encoded website that was the target of an HTTP redirect, due to an incomplete fix for CVE-2006-3869.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:itanium:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*+ 2 more
- cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
- Range: 6 SP1
Patches
Vulnerability mechanics
References
9- weblog.infoworld.com/techwatch/archives/007870.htmlnvdPatchURL Repurposed
- research.eeye.com/html/advisories/published/AD20060912.htmlnvd
- securityreason.com/securityalert/1555nvd
- securitytracker.com/idnvd
- www.osvdb.org/30834nvd
- www.securityfocus.com/archive/1/445835/100/0/threadednvd
- www.securityfocus.com/bid/19987nvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-042nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/28893nvd
News mentions
0No linked articles in our index yet.