CVE-2006-3910

CVE Database · CVE-2006-3910

CVE-2006-3910

· N/AModified

CVSS v3.1

N/A

EPSS

16.65%

Published

Jul 27, 2006

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

Exploit-DBMicrosoft Internet Explorer 6 - OVCtl Denial of Service

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Internet Explorer 6 on Windows XP SP2, when Outlook is installed, allows remote attackers to cause a denial of service (crash) by calling the NewDefaultItem function of an OVCtl (OVCtl.OVCtl.1) ActiveX object, which triggers a null dereference.

Affected Products (1)

microsoft · ievulnerable

References (10)

http://browserfun.blogspot.com/2006/07/mobb-20-ovctl-newdefaultitem.html

Exploit

http://www.osvdb.org/27112

http://www.securityfocus.com/bid/19079

Exploit

http://www.vupen.com/english/advisories/2006/2915

https://exchange.xforce.ibmcloud.com/vulnerabilities/27845

http://browserfun.blogspot.com/2006/07/mobb-20-ovctl-newdefaultitem.html

Exploit

http://www.osvdb.org/27112

http://www.securityfocus.com/bid/19079

Exploit

http://www.vupen.com/english/advisories/2006/2915

KEV Catalog EPSS Scores Vendors All CVEs