Lucene search
AnonymousZDI-06-047HistoryDec 12, 2006 - 12:00 a.m.
Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability
2006-12-1200:00:00
Anonymous
www.zerodayinitiative.com
17
EPSS
0.964
Percentile
99.6%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. Successful exploitation requires that the target user browse to a malicious web page. The specific flaw exists in the Microsoft WMIScriptUtils.WMIObjectBroker2 ActiveX control which is bundled with Visual Studio 2005. An attacker can utilize this control to bypass Internet zone security restrictions and instantiate other dangerous objects that can be leveraged to result in arbitrary code execution.
Related
checkpoint_advisories
checkpoint_advisories
cert
cert
WMI Object Broker ActiveX Control bypasses ActiveX security model
2006-11-01 00:00:00
saint
saint
Microsoft Visual Studio 2005 WMI Object Broker vulnerability
2007-01-15 00:00:00
Microsoft Visual Studio 2005 WMI Object Broker vulnerability
2007-01-15 00:00:00
Microsoft Visual Studio 2005 WMI Object Broker vulnerability
2007-01-15 00:00:00
securityvulns
securityvulns
nessus
nessus
cve
cve
CVE-2006-4704
2006-11-01 15:07:00
cvelist
cvelist
CVE-2006-4704
2006-11-01 15:00:00
nvd
nvd
CVE-2006-4704
2006-11-01 15:07:00
metasploit
metasploit
MS06-014 Microsoft Internet Explorer COM CreateObject Code Execution
2009-09-09 21:23:11
exploitdb
exploitdb