Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-4704 — Microsoft Visual Studio NET vulnerability

5 documents5 sources
Severity
6.8MEDIUMNVD
EPSS
72.1%
top 1.25%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Visual Studio NET
Timeline
PublishedNov 1
Latest updateMay 1

Description

Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI Object Broker Vulnerability."

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

3
GHSA
GHSA-c2c7-569v-pv4f: Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils↗2022-05-01
â–¶
CVEList
CVE-2006-4704: Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils↗2006-11-01
â–¶
VulnCheck
Microsoft Visual Studio 2005 WMI Object Broker Vulnerability↗2006
â–¶

💥Exploits & PoCs

1
Exploit-DB
Microsoft Internet Explorer - COM CreateObject Code Execution (MS06-014/MS06-073) (Metasploit)↗2010-09-20
â–¶
CVE-2006-4704 — Microsoft vulnerability | cvebase