Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a different vulnerability than CVE-2006-4685. NOTE: some of these details are obtained from third party information.
blogs.securiteam.com/?p=717
secunia.com/advisories/22687
securitytracker.com/id?1017157
www.iss.net/threats/239.html
www.kb.cert.org/vuls/id/585137
www.microsoft.com/technet/security/advisory/927892.mspx
www.securityfocus.com/bid/20915
www.us-cert.gov/cas/techalerts/TA06-318A.html
www.vupen.com/english/advisories/2006/4334
xforce.iss.net/xforce/alerts/id/239
docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-071
exchange.xforce.ibmcloud.com/vulnerabilities/30004
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A104
www.exploit-db.com/exploits/2743