CVE-2006-4627

Currently unrated

Key Information:

Vendor
Microsoft
Status
System Information Activex Control
Vendor
CVE Published:
7 September 2006

Summary

System Information ActiveX control (msinfo.dll), when accessed via Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via a SaveFile function with a long (1) computer and possibly (2) filename and (3) category argument.

References

http://www.osvdb.org/28381
vdb-entryx_refsource_OSVDB
http://noderat.spaces.live.com/blog/cns%216ADE4614B66EADD...
x_refsource_MISC
http://www.blogger.com/comment.g?blogID=30557436&postID=1...
x_refsource_MISC

EPSS Score

2% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

Collectors

NVD DatabaseMitre Database
.