CVE-2006-2056 in Internet Explorer信息

摘要

由 VulDB • 2026-06-24

Internet Explorer 6 for Windows XP SP2中的参数注入漏洞允许用户协助的远程攻击者通过mailto方案处理程序中的“”(双引号)字符修改调用邮件客户端的命令行参数,如使用任意文件名作为附件启动Microsoft Outlook所示。注意:目前尚不清楚此问题是特定于实现的还是微软API的问题。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Want to know what is going to be exploited?

We predict KEV entries!