CVE-2006-3869

CVE Database · CVE-2006-3869

CVE-2006-3869

· N/AModified

CVSS v3.1

N/A

EPSS

40.82%

Published

Aug 22, 2006

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Heap-based buffer overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1, with versions the MS06-042 patch before 20060824, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL on a website that uses HTTP 1.1 compression.

Affected Products (1)

microsoft · ievulnerable

References (20)

http://secunia.com/advisories/21557

Vendor Advisory

http://securityreason.com/securityalert/1441

http://securitytracker.com/id?1016731

http://support.microsoft.com/kb/923762/

Patch

http://www.kb.cert.org/vuls/id/821156

PatchUS Government Resource

http://www.microsoft.com/technet/security/advisory/923762.mspx

Patch

http://www.nsfocus.com/english/homepage/research/0608.htm

http://www.osvdb.org/28132

http://www.securityfocus.com/archive/1/444046/100/0/threaded

KEV Catalog EPSS Scores Vendors All CVEs