CVE-2006-4686

EPSS 28.43%
Veröffentlicht 10.10.2006 22:07:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Xml Core Services Version3.0

Microsoft ≫ Xml Core Services Version4.0

Microsoft ≫ Xml Core Services Version6.0

Microsoft ≫ Xml Parser Version2.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	28.43%	0.963

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.securityfocus.com/archive/1/449179/100/0/threaded

http://secunia.com/advisories/22333

http://securitytracker.com/id?1017033

http://www.vupen.com/english/advisories/2006/3980

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-061

http://www.kb.cert.org/vuls/id/562788

US Government Resource

http://www.osvdb.org/29426

http://www.securityfocus.com/bid/20338

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A285

https://nvd.nist.gov/vuln/detail/CVE-2006-4686

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-4686

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-4686

EUVD