CVE-2006-4495

Public PoC / Exploit (2)

Exploit-DBMicrosoft Windows Server 2000 - Multiple COM Object Instantiation Code Execution Vulnerabilities TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Internet Explorer allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Windows 2000 ActiveX COM Objects including (1) ciodm.dll, (2) myinfo.dll, (3) msdxm.ocx, and (4) creator.dll.

Affected Products (21)

microsoft · ievulnerable

microsoft · windows_2003_servervulnerable

References (10)

http://securityreason.com/securityalert/1474

http://www.securityfocus.com/archive/1/443896/100/100/threaded

http://www.securityfocus.com/bid/19636

http://www.xsec.org/index.php?module=Releases&act=view&type=1&id=16

https://exchange.xforce.ibmcloud.com/vulnerabilities/28512

http://securityreason.com/securityalert/1474

http://www.securityfocus.com/archive/1/443896/100/100/threaded

http://www.securityfocus.com/bid/19636

http://www.xsec.org/index.php?module=Releases&act=view&type=1&id=16

https://exchange.xforce.ibmcloud.com/vulnerabilities/28512