CVE-2006-4704 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-4704
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-4704

Description: Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI Object Broker Vulnerability."

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/29915 ST 1017142 SAID Secunia Advisory: SA22603 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:288 MSKB http://www.microsoft.com/technet/security/advisory/927709.mspx MS http://www.microsoft.com/technet/security/bulletin/ms06-073.mspx MISC http://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdf http://research.eeye.com/html/alerts/zeroday/20061031.html http://www.zerodayinitiative.com/advisories/ZDI-06-047.html HP http://www.securityfocus.com/archive/1/archive/1/454969/100/200/threaded CONFIRM http://blogs.technet.com/msrc/archive/2006/11/01/microsoft-security-advisory-927709-posted.aspx CERT-VN 854856 CERT http://www.us-cert.gov/cas/techalerts/TA06-346A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/454201/100/0/threaded BID 20797 20843

Return to the previous page.