CVE-2006-5577

high

Description

Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5578.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A313

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-072

http://www.vupen.com/english/advisories/2006/4966

http://www.us-cert.gov/cas/techalerts/TA06-346A.html

http://www.securityfocus.com/bid/21507

http://www.securityfocus.com/archive/1/454969/100/200/threaded

http://www.osvdb.org/30816

http://securitytracker.com/id?1017374

http://secunia.com/advisories/23288

Details

Source: Mitre, NVD

Published: 2006-12-12

Updated: 2018-10-17

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High