Unrated severityNVD Advisory· Published Sep 19, 2006· Updated Jun 16, 2026
CVE-2006-4868
CVE-2006-4868
Description
Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp4:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
- (no CPE)range: = 6.0
Patches
Vulnerability mechanics
References
21- secunia.com/advisories/21989nvdPatchVendor Advisory
- www.microsoft.com/technet/security/advisory/925568.mspxnvdPatchVendor Advisory
- www.us-cert.gov/cas/techalerts/TA06-262A.htmlnvdPatchUS Government Resource
- www.securityfocus.com/bid/20096nvdExploitPatch
- www.vupen.com/english/advisories/2006/3679nvdVendor Advisory
- www.kb.cert.org/vuls/id/416092nvdUS Government Resource
- blogs.securiteam.com/index.php/archives/624nvd
- securitytracker.com/idnvd
- sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.htmlnvd
- support.microsoft.com/kb/925486nvd
- www.osvdb.org/28946nvd
- www.securityfocus.com/archive/1/446378/100/0/threadednvd
- www.securityfocus.com/archive/1/446505/100/0/threadednvd
- www.securityfocus.com/archive/1/446523/100/0/threadednvd
- www.securityfocus.com/archive/1/446528/100/0/threadednvd
- www.securityfocus.com/archive/1/446881/100/200/threadednvd
- www.securityfocus.com/archive/1/447070/100/0/threadednvd
- www.securityfocus.com/archive/1/448552/100/0/threadednvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-055nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/29004nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100nvd
News mentions
0No linked articles in our index yet.