Unrated severityNVD Advisory· Published Sep 19, 2006· Updated Jun 16, 2026

CVE-2006-4888

Description

Microsoft Internet Explorer 6 and earlier allows remote attackers to cause a denial of service (application hang) via a CSS-formatted HTML INPUT element within a DIV element that has a larger size than the INPUT.

Affected products

Microsoft/Ie
cpe:2.3:a:microsoft:ie:*:windows_server_2003_sp1:*:*:*:*:*:*
Range: <=6
Microsoft/Internet Explorerllm-fuzzy
Range: <=6

Patches

Vulnerability mechanics

References

archives.neohapsis.com/archives/bugtraq/2006-07/0199.htmlnvd
jonas.elunic.de/blog/index.php/2006/07/14/ie-freeze-bug/nvd
www.osvdb.org/28614nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.013
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000