CVE-2006-4686

EPSS 28.43%
Published 10.10.2006 22:07:00
Last modified 09.04.2025 00:30:58
Source secure@microsoft.com
Teams watchlist Login
Open Login

Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Xml Core Services Version3.0

Microsoft ≫ Xml Core Services Version4.0

Microsoft ≫ Xml Core Services Version6.0

Microsoft ≫ Xml Parser Version2.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	28.43%	0.963

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.securityfocus.com/archive/1/449179/100/0/threaded

http://secunia.com/advisories/22333

http://securitytracker.com/id?1017033

http://www.vupen.com/english/advisories/2006/3980

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-061

http://www.kb.cert.org/vuls/id/562788

US Government Resource

http://www.osvdb.org/29426

http://www.securityfocus.com/bid/20338

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A285

https://nvd.nist.gov/vuln/detail/CVE-2006-4686

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-4686

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-4686

EUVD