cvelistv5 - cve-2006-1189

CVE-2006-1189 (GCVE-0-2006-1189)

Vulnerability from cvelistv5

Published

2006-04-11 23:00

Modified

2024-08-07 17:03

Severity ?

CWE

Summary

Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Character Parsing Memory Corruption Vulnerability."

References

URL

Tags

	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A792	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/18957	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1020	vdb-entry, signature, x_refsource_OVAL
	http://securitytracker.com/id?1015900	vdb-entry, x_refsource_SECTRACK
	http://archives.neohapsis.com/archives/bugtraq/2006-04/0227.html	mailing-list, x_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilities/25551	vdb-entry, x_refsource_XF
	http://www.us-cert.gov/cas/techalerts/TA06-101A.html	third-party-advisory, x_refsource_CERT
	http://www.securityfocus.com/bid/17454	vdb-entry, x_refsource_BID
	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013	vendor-advisory, x_refsource_MS
	http://www.kb.cert.org/vuls/id/341028	third-party-advisory, x_refsource_CERT-VN
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1484	vdb-entry, signature, x_refsource_OVAL
	http://www.vupen.com/english/advisories/2006/1318	vdb-entry, x_refsource_VUPEN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:03:28.513Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:792",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A792"
          },
          {
            "name": "18957",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18957"
          },
          {
            "name": "oval:org.mitre.oval:def:1020",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1020"
          },
          {
            "name": "1015900",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015900"
          },
          {
            "name": "20060411 Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0227.html"
          },
          {
            "name": "ie-double-byte-execute-code(25551)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25551"
          },
          {
            "name": "TA06-101A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
          },
          {
            "name": "17454",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17454"
          },
          {
            "name": "MS06-013",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
          },
          {
            "name": "VU#341028",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/341028"
          },
          {
            "name": "oval:org.mitre.oval:def:1484",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1484"
          },
          {
            "name": "ADV-2006-1318",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1318"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-04-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the \"Double Byte Character Parsing Memory Corruption Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01.000Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:792",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A792"
        },
        {
          "name": "18957",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18957"
        },
        {
          "name": "oval:org.mitre.oval:def:1020",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1020"
        },
        {
          "name": "1015900",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015900"
        },
        {
          "name": "20060411 Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0227.html"
        },
        {
          "name": "ie-double-byte-execute-code(25551)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25551"
        },
        {
          "name": "TA06-101A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
        },
        {
          "name": "17454",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17454"
        },
        {
          "name": "MS06-013",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
        },
        {
          "name": "VU#341028",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/341028"
        },
        {
          "name": "oval:org.mitre.oval:def:1484",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1484"
        },
        {
          "name": "ADV-2006-1318",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1318"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-1189",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the \"Double Byte Character Parsing Memory Corruption Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:792",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A792"
            },
            {
              "name": "18957",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18957"
            },
            {
              "name": "oval:org.mitre.oval:def:1020",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1020"
            },
            {
              "name": "1015900",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015900"
            },
            {
              "name": "20060411 Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0227.html"
            },
            {
              "name": "ie-double-byte-execute-code(25551)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25551"
            },
            {
              "name": "TA06-101A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-101A.html"
            },
            {
              "name": "17454",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17454"
            },
            {
              "name": "MS06-013",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-013"
            },
            {
              "name": "VU#341028",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/341028"
            },
            {
              "name": "oval:org.mitre.oval:def:1484",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1484"
            },
            {
              "name": "ADV-2006-1318",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1318"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-1189",
    "datePublished": "2006-04-11T23:00:00.000Z",
    "dateReserved": "2006-03-13T00:00:00.000Z",
    "dateUpdated": "2024-08-07T17:03:28.513Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2006-AVI-150

Vulnerability from certfr_avis

Plusieurs vulnérabilités dans Microsoft Internet Explorer laissent la possibilité à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Description

Plusieurs vulnérabilités existent dans certaines versions du navigateur Microsoft Internet Explorer. Les plus importantes sont détaillées ci-dessous :

l'appel de certains objets HTML (DHTML Method Call) peut provoquer un débordement de mémoire. Un utilisateur malveillant peut profiter de cette vulnérabilité au moyen d'une page web spécialement conçue pour exécuter du code arbitraire à distance.
la manipulation de plusieurs évènements dans un élément HTML n'est pas correctement gérée par Internet Explorer. De la même façon, un utilisateur malveillant peut utiliser ses vulnérabilités dans une page web dédiée, et ainsi exécuter du code arbitraire sur toute machine vulnérable visitant cette page.
une application HTML (connue sous le nom de HTA) construite d'une certaine manière peut contourner le contrôle de sécurité opéré par Internet Explorer.
l'analyse syntaxique du code HTML par Internet Explorer (HTML Parsing) présente plusieurs vulnérabilités permettant l'exécution de code arbitraire à distance au moyen d'une page web contenant des balises HTML non conformes.
certaines adresses réticulaires (URLs) contenant des caractères particuliers à deux octets peuvent être utilisées pour exécuter du code arbitraire à distance. Cette vulnérabilité ne devrait pas concerner les versions françaises ou anglaises de Microsoft Internet Explorer.
un utilisateur malveillant peut usurper l'adresse affichée dans le navigateur. Il peut ainsi provoquer l'affichage dans la barre d'adressage d'une adresse qui ne correspond pas au site visité. Cette technique est par exemple utilisable dans des cas de filoutage.

Solution

Appliquer le correctif tel qu'indiqué dans le bulletin de sécurité Microsoft MS06-013 (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft Internet Explorer 5.0 Service Pack 4 ;
Microsoft	Windows	Microsoft Internet Explorer 6 pour Microsoft Windows Server 2003 ;
Microsoft	Windows	Microsoft Internet Explorer 6 pour Microsoft Windows XP Service Pack 2.
Microsoft	N/A	Microsoft Internet Explorer 6 Service Pack 1 ;
Microsoft	Windows	Microsoft Internet Explorer 6 pour Microsoft Windows Server 2003 Service Pack 1 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS06-013 du 11 avril 2006

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Internet Explorer 5.0 Service Pack 4 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 6 pour Microsoft Windows Server 2003 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 6 pour Microsoft Windows XP Service Pack 2.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 6 Service Pack 1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Internet Explorer 6 pour Microsoft Windows Server 2003 Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s existent dans certaines versions du navigateur\nMicrosoft Internet Explorer. Les plus importantes sont d\u00e9taill\u00e9es\nci-dessous :\n\n-   l\u0027appel de certains objets HTML (DHTML Method Call) peut provoquer\n    un d\u00e9bordement de m\u00e9moire. Un utilisateur malveillant peut profiter\n    de cette vuln\u00e9rabilit\u00e9 au moyen d\u0027une page web sp\u00e9cialement con\u00e7ue\n    pour ex\u00e9cuter du code arbitraire \u00e0 distance.\n-   la manipulation de plusieurs \u00e9v\u00e8nements dans un \u00e9l\u00e9ment HTML n\u0027est\n    pas correctement g\u00e9r\u00e9e par Internet Explorer. De la m\u00eame fa\u00e7on, un\n    utilisateur malveillant peut utiliser ses vuln\u00e9rabilit\u00e9s dans une\n    page web d\u00e9di\u00e9e, et ainsi ex\u00e9cuter du code arbitraire sur toute\n    machine vuln\u00e9rable visitant cette page.\n-   une application HTML (connue sous le nom de HTA) construite d\u0027une\n    certaine mani\u00e8re peut contourner le contr\u00f4le de s\u00e9curit\u00e9 op\u00e9r\u00e9 par\n    Internet Explorer.\n-   l\u0027analyse syntaxique du code HTML par Internet Explorer (HTML\n    Parsing) pr\u00e9sente plusieurs vuln\u00e9rabilit\u00e9s permettant l\u0027ex\u00e9cution de\n    code arbitraire \u00e0 distance au moyen d\u0027une page web contenant des\n    balises HTML non conformes.\n-   certaines adresses r\u00e9ticulaires (URLs) contenant des caract\u00e8res\n    particuliers \u00e0 deux octets peuvent \u00eatre utilis\u00e9es pour ex\u00e9cuter du\n    code arbitraire \u00e0 distance. Cette vuln\u00e9rabilit\u00e9 ne devrait pas\n    concerner les versions fran\u00e7aises ou anglaises de Microsoft Internet\n    Explorer.\n-   un utilisateur malveillant peut usurper l\u0027adresse affich\u00e9e dans le\n    navigateur. Il peut ainsi provoquer l\u0027affichage dans la barre\n    d\u0027adressage d\u0027une adresse qui ne correspond pas au site visit\u00e9.\n    Cette technique est par exemple utilisable dans des cas de\n    filoutage.\n\n## Solution\n\nAppliquer le correctif tel qu\u0027indiqu\u00e9 dans le bulletin de s\u00e9curit\u00e9\nMicrosoft MS06-013 (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-1359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1359"
    },
    {
      "name": "CVE-2006-1191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1191"
    },
    {
      "name": "CVE-2006-1388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1388"
    },
    {
      "name": "CVE-2006-1245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1245"
    },
    {
      "name": "CVE-2006-1192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1192"
    },
    {
      "name": "CVE-2006-1190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1190"
    },
    {
      "name": "CVE-2006-1185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1185"
    },
    {
      "name": "CVE-2006-1186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1186"
    },
    {
      "name": "CVE-2006-1188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1188"
    },
    {
      "name": "CVE-2006-1189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-1189"
    }
  ],
  "initial_release_date": "2006-04-12T00:00:00",
  "last_revision_date": "2006-04-12T00:00:00",
  "links": [],
  "reference": "CERTA-2006-AVI-150",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-04-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans Microsoft Internet Explorer laissent la\npossibilit\u00e9 \u00e0 un utilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Internet Explorer",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS06-013 du 11 avril 2006",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS06-013.mspx"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2006-1189 (GCVE-0-2006-1189)

Vulnerability from cvelistv5

CERTA-2006-AVI-150

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature