CVE-2006-4704

Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability

Severity Score

6.8

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI Object Broker Vulnerability."

Vulnerabilidad de secuencias de comandos en zonas cruzadas en el Control ActiveX (WmiScriptUtils.dll) del WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) en el Microsoft Visual Studio 2005 permite atacantes remotos evitar las restricciones de la zona de Internet y ejecutar código de su elección instanciando objetos peligrosos, también conocido como "Vulnerabilidad WMI Object Broker".

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. Successful exploitation requires that the target user browse to a malicious web page.
The specific flaw exists in the Microsoft WMIScriptUtils.WMIObjectBroker2 ActiveX control which is bundled with Visual Studio 2005. An attacker can utilize this control to bypass Internet zone security restrictions and instantiate other dangerous objects that can be leveraged to result in arbitrary code execution.

*Credits: Anonymous

CVSS Scores

NISTv2 6.8

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2006-09-11 CVE Reserved
2006-11-01 CVE Published
2010-09-20 First Exploit
2024-08-07 CVE Updated
2024-09-21 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CAPEC

References (18)

URL	Tag	Source
http://blogs.technet.com/msrc/archive/2006/11/01/microsoft-security-advisory-927709-posted.aspx	X_refsource_confirm
http://research.eeye.com/html/alerts/zeroday/20061031.html	X_refsource_misc
http://securitytracker.com/id?1017142	Vdb Entry
http://www.kb.cert.org/vuls/id/854856	Third Party Advisory
http://www.securityfocus.com/archive/1/454201/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/20797	Vdb Entry
http://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdf	X_refsource_misc
http://www.us-cert.gov/cas/techalerts/TA06-346A.html	Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-06-047.html	X_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/29915	Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A288	Signature

URL	Date	SRC
https://www.exploit-db.com/exploits/16561	2010-09-20
http://www.securityfocus.com/bid/20843	2024-08-07

URL	Date	SRC

URL	Date	SRC
http://secunia.com/advisories/22603	2018-10-17
http://www.microsoft.com/technet/security/advisory/927709.mspx	2018-10-17
http://www.securityfocus.com/archive/1/454969/100/200/threaded	2018-10-17
http://www.vupen.com/english/advisories/2006/4282	2018-10-17
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-073	2018-10-17

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Microsoft Search vendor "Microsoft"		Visual Studio .net Search vendor "Microsoft" for product "Visual Studio .net"				2005 Search vendor "Microsoft" for product "Visual Studio .net" and version "2005"		-		Affected