6.8
CVE-2006-4704
- EPSS 42.85%
- Veröffentlicht 01.11.2006 15:07:00
- Zuletzt bearbeitet 16.06.2026 22:29:37
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI Object Broker Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Visual Studio .Net Version2005
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 42.85% | 0.985 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://www.securityfocus.com/bid/20797
http://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/29915
http://blogs.technet.com/msrc/archive/2006/11/01/microsoft-security-advisory-927709-posted.aspx
http://research.eeye.com/html/alerts/zeroday/20061031.html
http://secunia.com/advisories/22603
http://securitytracker.com/id?1017142
http://www.kb.cert.org/vuls/id/854856
http://www.microsoft.com/technet/security/advisory/927709.mspx
http://www.securityfocus.com/archive/1/454201/100/0/threaded
http://www.securityfocus.com/archive/1/454969/100/200/threaded
http://www.securityfocus.com/bid/20843
http://www.us-cert.gov/cas/techalerts/TA06-346A.html
http://www.vupen.com/english/advisories/2006/4282
http://www.zerodayinitiative.com/advisories/ZDI-06-047.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-073
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A288