PT-2006-5482 · Microsoft · Wmi Object Broker Activex Control+2

H D Moore

Publicado

2006-11-01

Atualizado

2018-10-17

CVE-2006-4704

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Microsoft Visual Studio 2005

Description A cross-zone scripting issue exists in the WMI Object Broker ActiveX control, allowing remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects.

Recommendations For Microsoft Visual Studio 2005, consider disabling the WMI Object Broker ActiveX control until a patch is available. Restrict access to the WmiScriptUtils.dll to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-4704

Produtos afetados

Visual Studio

Wmi Object Broker Activex Control

Wmiscriptutils.Dll

PT-2006-5482 · Microsoft · Wmi Object Broker Activex Control+2

CVE-2006-4704

Identificadores relacionados

Produtos afetados

Referências · 20