CVE-2006-7031

high-risk

Published 2007-02-23

Microsoft Internet Explorer 6.0.2900 SP2 and earlier allows remote attackers to cause a denial of service (crash) via a table element with a CSS attribute that sets the position, which triggers an "unhandled exception" in mshtml.dll.

Do I need to act?

24.6% chance of exploitation in next 30 days

EPSS score — higher than 75% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

1775

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.5/10 Medium

NETWORK / LOW complexity

Affected Products (1)

Internet Explorer

Affected Vendors

Microsoft

References (4)

http://www.securityfocus.com/bid/17932

https://www.exploit-db.com/exploits/1775

http://www.securityfocus.com/bid/17932

https://www.exploit-db.com/exploits/1775

/ 100

high-risk

Severity 24/34 · High

Exploitability 22/34 · High

Exposure 5/34 · Minimal