cvelistv5 - cve-2006-4704

CVE-2006-4704 (GCVE-0-2006-4704)

Vulnerability from cvelistv5

Published

2006-11-01 15:00

Modified

2024-08-07 19:23

Severity ?

CWE

Summary

Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI Object Broker Vulnerability."

References

URL

Tags

	http://www.securityfocus.com/bid/20843	vdb-entry, x_refsource_BID
	http://www.securityfocus.com/archive/1/454201/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://research.eeye.com/html/alerts/zeroday/20061031.html	x_refsource_MISC
	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-073	vendor-advisory, x_refsource_MS
	http://www.microsoft.com/technet/security/advisory/927709.mspx	vendor-advisory, x_refsource_MSKB
	http://www.securityfocus.com/bid/20797	vdb-entry, x_refsource_BID
	http://www.us-cert.gov/cas/techalerts/TA06-346A.html	third-party-advisory, x_refsource_CERT
	http://secunia.com/advisories/22603	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/4282	vdb-entry, x_refsource_VUPEN
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A288	vdb-entry, signature, x_refsource_OVAL
	http://www.securityfocus.com/archive/1/454969/100/200/threaded	vendor-advisory, x_refsource_HP
	http://securitytracker.com/id?1017142	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/archive/1/454969/100/200/threaded	vendor-advisory, x_refsource_HP
	http://www.kb.cert.org/vuls/id/854856	third-party-advisory, x_refsource_CERT-VN
	http://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdf	x_refsource_MISC
	http://www.zerodayinitiative.com/advisories/ZDI-06-047.html	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilities/29915	vdb-entry, x_refsource_XF
	http://blogs.technet.com/msrc/archive/2006/11/01/microsoft-security-advisory-927709-posted.aspx	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:23:41.174Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20843",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20843"
          },
          {
            "name": "20061212 ZDI-06-047: Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/454201/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://research.eeye.com/html/alerts/zeroday/20061031.html"
          },
          {
            "name": "MS06-073",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-073"
          },
          {
            "name": "927709",
            "tags": [
              "vendor-advisory",
              "x_refsource_MSKB",
              "x_transferred"
            ],
            "url": "http://www.microsoft.com/technet/security/advisory/927709.mspx"
          },
          {
            "name": "20797",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20797"
          },
          {
            "name": "TA06-346A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA06-346A.html"
          },
          {
            "name": "22603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22603"
          },
          {
            "name": "ADV-2006-4282",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4282"
          },
          {
            "name": "oval:org.mitre.oval:def:288",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A288"
          },
          {
            "name": "SSRT061288",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/454969/100/200/threaded"
          },
          {
            "name": "1017142",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017142"
          },
          {
            "name": "HPSBST02180",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/454969/100/200/threaded"
          },
          {
            "name": "VU#854856",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/854856"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-047.html"
          },
          {
            "name": "ie-wscriptshell-command-execution(29915)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29915"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blogs.technet.com/msrc/archive/2006/11/01/microsoft-security-advisory-927709-posted.aspx"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-11-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka \"WMI Object Broker Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01.000Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "20843",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20843"
        },
        {
          "name": "20061212 ZDI-06-047: Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/454201/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://research.eeye.com/html/alerts/zeroday/20061031.html"
        },
        {
          "name": "MS06-073",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-073"
        },
        {
          "name": "927709",
          "tags": [
            "vendor-advisory",
            "x_refsource_MSKB"
          ],
          "url": "http://www.microsoft.com/technet/security/advisory/927709.mspx"
        },
        {
          "name": "20797",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20797"
        },
        {
          "name": "TA06-346A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA06-346A.html"
        },
        {
          "name": "22603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22603"
        },
        {
          "name": "ADV-2006-4282",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4282"
        },
        {
          "name": "oval:org.mitre.oval:def:288",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A288"
        },
        {
          "name": "SSRT061288",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/454969/100/200/threaded"
        },
        {
          "name": "1017142",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017142"
        },
        {
          "name": "HPSBST02180",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/454969/100/200/threaded"
        },
        {
          "name": "VU#854856",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/854856"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-047.html"
        },
        {
          "name": "ie-wscriptshell-command-execution(29915)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29915"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blogs.technet.com/msrc/archive/2006/11/01/microsoft-security-advisory-927709-posted.aspx"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2006-4704",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka \"WMI Object Broker Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20843",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20843"
            },
            {
              "name": "20061212 ZDI-06-047: Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/454201/100/0/threaded"
            },
            {
              "name": "http://research.eeye.com/html/alerts/zeroday/20061031.html",
              "refsource": "MISC",
              "url": "http://research.eeye.com/html/alerts/zeroday/20061031.html"
            },
            {
              "name": "MS06-073",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-073"
            },
            {
              "name": "927709",
              "refsource": "MSKB",
              "url": "http://www.microsoft.com/technet/security/advisory/927709.mspx"
            },
            {
              "name": "20797",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20797"
            },
            {
              "name": "TA06-346A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA06-346A.html"
            },
            {
              "name": "22603",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22603"
            },
            {
              "name": "ADV-2006-4282",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4282"
            },
            {
              "name": "oval:org.mitre.oval:def:288",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A288"
            },
            {
              "name": "SSRT061288",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/454969/100/200/threaded"
            },
            {
              "name": "1017142",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017142"
            },
            {
              "name": "HPSBST02180",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/454969/100/200/threaded"
            },
            {
              "name": "VU#854856",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/854856"
            },
            {
              "name": "http://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdf",
              "refsource": "MISC",
              "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdf"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-06-047.html",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-047.html"
            },
            {
              "name": "ie-wscriptshell-command-execution(29915)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29915"
            },
            {
              "name": "http://blogs.technet.com/msrc/archive/2006/11/01/microsoft-security-advisory-927709-posted.aspx",
              "refsource": "CONFIRM",
              "url": "http://blogs.technet.com/msrc/archive/2006/11/01/microsoft-security-advisory-927709-posted.aspx"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2006-4704",
    "datePublished": "2006-11-01T15:00:00.000Z",
    "dateReserved": "2006-09-11T00:00:00.000Z",
    "dateUpdated": "2024-08-07T19:23:41.174Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2006-AVI-479

Vulnerability from certfr_avis

Une vulnérabilité dans Microsoft Visual Studio permet à une personne distante malintentionnée d'exécuter du code arbitraire.

Description

Une vulnérabilité présente dans un contrôle ActiveX dans Microsoft Visual Studio permet à un utilisateur distant malintentionné d'exécuter du code arbitraire.
Le contrôle ActiveX concerné est WMI Object Broker inclus dans WmiScriptUtils.dll.

Contournement provisoire

Microsoft propose plusieurs solutions de contournement dans son bulletin de sécurité, dont le blocage de l'exécution de l'ActiveX dans Internet Explorer en définissant le Kill bit relatif au contrôle dans le registre.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Microsoft Visual Studio 2005.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Avis de sécurité Microsoft du 31 octobre 2006	None	vendor-advisory
Bulletin de sécurité Microsoft 927709 du 31 octobre 2006 :	-	other
Bulletin de sécurité Microsoft 927709 du 31 octobre 2006 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eMicrosoft Visual Studio 2005.\u003c/p\u003e",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente dans un contr\u00f4le ActiveX dans Microsoft\nVisual Studio permet \u00e0 un utilisateur distant malintentionn\u00e9 d\u0027ex\u00e9cuter\ndu code arbitraire.  \nLe contr\u00f4le ActiveX concern\u00e9 est WMI Object Broker inclus dans\nWmiScriptUtils.dll.\n\n## Contournement provisoire\n\nMicrosoft propose plusieurs solutions de contournement dans son bulletin\nde s\u00e9curit\u00e9, dont le blocage de l\u0027ex\u00e9cution de l\u0027ActiveX dans Internet\nExplorer en d\u00e9finissant le Kill bit relatif au contr\u00f4le dans le\nregistre.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-4704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4704"
    }
  ],
  "initial_release_date": "2006-11-07T00:00:00",
  "last_revision_date": "2006-11-07T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft 927709 du 31 octobre 2006 :",
      "url": "http://www.microsoft.com/france/technet/security/advisory/927709.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft 927709 du 31 octobre 2006 :",
      "url": "http://www.microsoft.com/technet/security/advisory/927709.mspx"
    }
  ],
  "reference": "CERTA-2006-AVI-479",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-11-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans Microsoft Visual Studio permet \u00e0 une personne\ndistante malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Visual Studio",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 Microsoft du 31 octobre 2006",
      "url": null
    }
  ]
}

CERTA-2006-AVI-544

Vulnerability from certfr_avis

Une vulnérabilité présente dans Microsoft Visual Studio 2005 permet l'exécution de code arbitraire à distance.

Description

Une vulnérabilité présente dans le contrôle WMI Object Broker utilisé dans Microsoft Visual Studio 2005 permet à un personne malintentionnée d'exécuter du code arbitraire à distance par le biais d'une page web spécialement conçue.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft Visual Studio 2005 Standard Edition ;
Microsoft	N/A	Microsoft Visual Studio 2005 Team Edition for Testers.
Microsoft	N/A	Microsoft Visual Studio 2005 Team Suite ;
Microsoft	N/A	Microsoft Visual Studio 2005 Professional Edition ;
Microsoft	N/A	Microsoft Visual Studio 2005 Team Edition for Architects ;
Microsoft	N/A	Microsoft Visual Studio 2005 Team Edition for Developers ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS06-073 du 12 décembre 2006

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Visual Studio 2005 Standard Edition ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2005 Team Edition for Testers.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2005 Team Suite ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2005 Professional Edition ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2005 Team Edition for Architects ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Visual Studio 2005 Team Edition for Developers ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente dans le contr\u00f4le WMI Object Broker utilis\u00e9\ndans Microsoft Visual Studio 2005 permet \u00e0 un personne malintentionn\u00e9e\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance par le biais d\u0027une page web\nsp\u00e9cialement con\u00e7ue.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-4704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4704"
    }
  ],
  "initial_release_date": "2006-12-13T00:00:00",
  "last_revision_date": "2006-12-13T00:00:00",
  "links": [],
  "reference": "CERTA-2006-AVI-544",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-12-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 pr\u00e9sente dans Microsoft Visual Studio 2005 permet\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Visual Studio 2005",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS06-073 du 12 d\u00e9cembre 2006",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS06-073.mspx"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2006-4704 (GCVE-0-2006-4704)

Vulnerability from cvelistv5

CERTA-2006-AVI-479

Vulnerability from certfr_avis

Description

Contournement provisoire

Solution

CERTA-2006-AVI-544

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature