CVE-2006-5745 - CVE Reference - Advisories

CVE Reference: CVE-2006-5745

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-5745

Description: Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a different vulnerability than CVE-2006-4685. NOTE: some of these details are obtained from third party information.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/30004 ST 1017157 SAID Secunia Advisory: SA22687 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:104 MS http://www.microsoft.com/technet/security/bulletin/ms06-071.mspx MISC http://blogs.securiteam.com/?p=717 http://xforce.iss.net/xforce/alerts/id/239 CONFIRM http://www.microsoft.com/technet/security/advisory/927892.mspx CERT-VN 585137 CERT http://www.us-cert.gov/cas/techalerts/TA06-318A.html BID 20915

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Microsoft Windows DNS Spoofing Vulnerabilities

2.	Microsoft Access Snapshot Viewer ActiveX Control Vulnerability

3.	Microsoft Windows Explorer Saved Search Vulnerability

4.	Microsoft SQL Server and MSDE Multiple Vulnerabilities

5.	Joomla Unauthorized Access Vulnerabilities

6.	Microsoft Outlook Web Access Script Insertion Vulnerabilities

7.	ArticleBeach Script "page" File Inclusion Vulnerability

8.	Mozilla Firefox Multiple Vulnerabilities

9.	Symantec Brightmail AntiSpam Notifier Denial of Service

10.	PHP-Nuke 4ndvddb Module "id" SQL Injection Vulnerability