CVE-2006-4560 Vulnerability Details

  /     /     /  

CVE-2006-4560 Metadata Quick Info

CVE Published: 06/09/2006 | CVE Updated: 07/08/2024 | CVE Year: 2006
Source: mitre | Vendor: n/a | Product: n/a
Status : PUBLISHED

---

CVE-2006-4560 Description

Internet Explorer 6 on Windows XP SP2 allows remote attackers to execute arbitrary JavaScript in the context of the browser\'s session with an arbitrary intranet web server, by hosting script on an Internet web server that can be made inaccessible by the attacker and that has a domain name under the attacker\'s control, which can force the browser to drop DNS pinning and perform a new DNS query for the domain name after the script is already running.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: n/a
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).