Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2006-4704

Published: 01/11/2006 Updated: 17/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Visual Studio .net

Vulnerability Summary

Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote malicious users to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI Object Broker Vulnerability."

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft visual studio .net 2005

Exploits

Exploit DB: Microsoft Internet Explorer - COM CreateObject Code Execution (MS06-014/MS06-073) (Metasploit)
## # $Id: ie_createobjectrb 10394 2010-09-20 08:06:27Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class ...

Recent Articles

Exploit kits attack vector – mid-year update
Securelist • Vicente Diaz • 01 Aug 2011

It is very interesting to see how short the lifespan of an exploit kit is. Some kits that were once popular and infected thousands of users are no longer being used. Even more interesting is the fact that some old kits make a comeback rearmed with fresh new exploits and reach the top of the rankings in serving malware. However, the most interesting area of study is how current exploits are used and their targets. In order to get some perspective, let?s start by analyzing the situation in 2010. T...

Read more...

References

NVD-CWE-Otherhttp://www.microsoft.com/technet/security/advisory/927709.mspxhttp://www.securityfocus.com/bid/20843http://secunia.com/advisories/22603http://blogs.technet.com/msrc/archive/2006/11/01/microsoft-security-advisory-927709-posted.aspxhttp://www.kb.cert.org/vuls/id/854856http://securitytracker.com/id?1017142http://research.eeye.com/html/alerts/zeroday/20061031.htmlhttp://www.zerodayinitiative.com/advisories/ZDI-06-047.htmlhttp://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdfhttp://www.securityfocus.com/bid/20797http://www.us-cert.gov/cas/techalerts/TA06-346A.htmlhttp://www.vupen.com/english/advisories/2006/4282https://exchange.xforce.ibmcloud.com/vulnerabilities/29915https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A288https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-073http://www.securityfocus.com/archive/1/454969/100/200/threadedhttp://www.securityfocus.com/archive/1/454201/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/16561/https://www.kb.cert.org/vuls/id/854856
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook