7.5
CVE-2006-4686
- EPSS 28.95%
- Veröffentlicht 10.10.2006 22:07:00
- Zuletzt bearbeitet 16.06.2026 22:29:35
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Xml Core Services Version3.0
Microsoft ≫ Xml Core Services Version4.0
Microsoft ≫ Xml Core Services Version6.0
Microsoft ≫ Xml Parser Version2.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 28.95% | 0.979 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.securityfocus.com/archive/1/449179/100/0/threaded
http://secunia.com/advisories/22333
http://securitytracker.com/id?1017033
http://www.vupen.com/english/advisories/2006/3980
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-061
http://www.kb.cert.org/vuls/id/562788
http://www.osvdb.org/29426
http://www.securityfocus.com/bid/20338
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A285