6.8

CVE-2006-4704

Exploit
Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI Object Broker Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftVisual Studio .Net Version2005
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 42.85% 0.985
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/bid/20797
http://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/29915
http://blogs.technet.com/msrc/archive/2006/11/01/microsoft-security-advisory-927709-posted.aspx
http://research.eeye.com/html/alerts/zeroday/20061031.html
http://secunia.com/advisories/22603
Vendor Advisory
http://securitytracker.com/id?1017142
http://www.kb.cert.org/vuls/id/854856
US Government Resource
http://www.microsoft.com/technet/security/advisory/927709.mspx
Vendor Advisory
http://www.securityfocus.com/archive/1/454201/100/0/threaded
http://www.securityfocus.com/archive/1/454969/100/200/threaded
http://www.securityfocus.com/bid/20843
Exploit
http://www.us-cert.gov/cas/techalerts/TA06-346A.html
US Government Resource
http://www.vupen.com/english/advisories/2006/4282
Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-06-047.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-073
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A288