CVE-2006-1359

CVE Database · CVE-2006-1359

CVE-2006-1359

· N/AModified

CVSS v3.1

N/A

EPSS

68.07%

Published

Mar 22, 2006

Modified

Apr 15, 2026

Public PoC / Exploit (6)

All weaponized →

Exploit-DBMicrosoft Internet Explorer - HTML Tag Memory Corruption (MS06-013)Exploit-DBMicrosoft Internet Explorer - 'createTextRang' Download Shellcode (2)Exploit-DBMicrosoft Internet Explorer - 'createTextRang' Remote (Metasploit)Exploit-DBMicrosoft Internet Explorer - 'createTextRang' Remote Code Execution Exploit-DBMicrosoft Internet Explorer - 'createTextRange()' Code Execution (MS06-013) (Metasploit)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer.

Weaknesses (CWE)

CWE-94

Affected Products (4)

microsoft · ievulnerable

microsoft · internet_explorervulnerable

References (20)

http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1427.html

http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1430.html

http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1434.html

http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1662.html

http://secunia.com/advisories/18680

Vendor Advisory

http://secunia.com/secunia_research/2006-7/advisory/

http://securitytracker.com/id?1015812

http://www.ciac.org/ciac/bulletins/q-154.shtml

http://www.computerterrorism.com/research/ct22-03-2006

Vendor Advisory

http://www.kb.cert.org/vuls/id/876678

KEV Catalog EPSS Scores Vendors All CVEs