|
|
CVE Reference: CVE-2006-5745 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-5745 |
|
|
Description: Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a different vulnerability than CVE-2006-4685. NOTE: some of these details are obtained from third party information. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/30004 ST 1017157 SAID Secunia Advisory: SA22687 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:104 MS http://www.microsoft.com/technet/security/bulletin/ms06-071.mspx MISC http://blogs.securiteam.com/?p=717 http://xforce.iss.net/xforce/alerts/id/239 MILW0RM http://www.milw0rm.com/exploits/2743 ISS http://www.iss.net/threats/239.html CONFIRM http://www.microsoft.com/technet/security/advisory/927892.mspx CERT-VN 585137 CERT http://www.us-cert.gov/cas/techalerts/TA06-318A.html BID 20915 |
|
| Return to the previous page. |
