CVE-2006-4888

{"id": "CVE-2006-4888", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-09-19T21:07:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2006-07/0199.html", "source": "cve@mitre.org"}, {"url": "http://jonas.elunic.de/blog/index.php/2006/07/14/ie-freeze-bug/", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/28614", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Microsoft Internet Explorer 6 and earlier allows remote attackers to cause a denial of service (application hang) via a CSS-formatted HTML INPUT element within a DIV element that has a larger size than the INPUT."}, {"lang": "es", "value": "Microsoft Internet Explorer 6 y anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (aplicaci\u00f3n que no responde) v\u00eda un elemento INPUT HTML con formato CSS dentro de un elemento DIV que tiene un tama\u00f1o mayor que el INPUT."}], "lastModified": "2008-09-05T21:10:50.500", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:ie:*:windows_server_2003_sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66815960-CEFF-477A-A147-963A112206CF", "versionEndIncluding": "6"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}