CVE-2006-2766

CVE Database · CVE-2006-2766

CVE-2006-2766

· N/AModified

CVSS v3.1

N/A

EPSS

47.92%

Published

Jun 2, 2006

Modified

Apr 15, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft Windows XP/2000/2003 - MHTML URI Buffer Overflow (PoC)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows Explorer, Outlook Express 6, and possibly other programs, allows remote user-assisted attackers to cause a denial of service (application crash) via a long mhtml URI in the URL value in a URL file.

Affected Products (5)

microsoft · ievulnerable

microsoft · internet_explorervulnerable

References (20)

http://secunia.com/advisories/20384

Vendor Advisory

http://securitytracker.com/id?1016654

http://www.kb.cert.org/vuls/id/891204

US Government Resource

http://www.osvdb.org/25949

http://www.securityfocus.com/archive/1/435492/100/0/threaded

http://www.securityfocus.com/archive/1/435609/100/0/threaded

http://www.securityfocus.com/archive/1/435616/100/0/threaded

http://www.securityfocus.com/bid/18198

Exploit

http://www.us-cert.gov/cas/techalerts/TA06-220A.html

US Government Resource

KEV Catalog EPSS Scores Vendors All CVEs