CVE-2006-4704
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2006-4704
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI Object Broker Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Visual Studio "WMI Object Broker"控件代码执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Visual Studio是美国微软(Microsoft)公司的一款开发工具套件系列产品,也是一个基本完整的开发工具集。它包括了整个软件生命周期中所需要的大部分工具。 Visual Studio的'WMI Object Broker’控件在例程的创建和处理上存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意恶意代码。 Visual Studio所捆绑的WMI Object Broker ActiveX控件允许创建系统上已有的ActiveX控件例程。以这种方式创建的ActiveX对象
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2006-4704
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2006-4704
Please Login to view more intelligence information
- http://research.eeye.com/html/alerts/zeroday/20061031.htmlx_refsource_MISC
- http://www.zerodayinitiative.com/advisories/ZDI-06-047.htmlx_refsource_MISC
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-073vendor-advisoryx_refsource_MS
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A288vdb-entrysignaturex_refsource_OVAL
- https://nvd.nist.gov/vuln/detail/CVE-2006-4704
Same Patch Batch · n/a · 2006-11-01 · 16 CVEs total
| CVE-2006-4517 | Novell IManager Tomcat拒绝服务漏洞 | |
| CVE-2006-4839 | Sophos Anti-Virus Petite插件拒绝服务漏洞 | |
| CVE-2006-5645 | Sophos Anti-Virus多个拒绝服务漏洞 | |
| CVE-2006-5646 | Sophos Anti-Virus 堆溢出漏洞 | |
| CVE-2006-5647 | Sophos Anti-Virus Sophos Anti-Virus拒绝服务漏洞 | |
| CVE-2006-5634 | PHPProfiles 多个PHP远程文件包含漏洞 | |
| CVE-2006-5635 | Web Wiz Forum 'Search.ASP' SQL注入漏洞 | |
| CVE-2006-5636 | Simple Website Software 'Common.PHP'远程文件包含漏洞 | |
| CVE-2006-5637 | FAQ Administrator 'FAQ_Reply.PHP'远程文件包含漏洞 | |
| CVE-2006-5638 | PHP My Ring 'Cherche.PHP' SQL注入漏洞 | |
| CVE-2006-5639 | OpenWBEM随机数生成器未明安全漏洞 | |
| CVE-2006-5640 | Techno Dreams Guestbook 'Guestbookview.ASP' SQL注入漏洞 | |
| CVE-2006-5641 | Techno Dreams Announcement 'MainAnnounce2.ASP' SQL注入漏洞 | |
| CVE-2006-5642 | NmnLogger未明漏洞 | |
| CVE-2006-5643 | Foresite CMS 'search_de.html'跨站脚本攻击漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service - CVE-2026-8267
Open5GS SMF smf_nsmf_handle_created_data_in_vsmf denial of s - CVE-2026-8266
Open5GS SMF gsm-build.c gsm_build_pdu_session_establishment_
V. Comments for CVE-2006-4704
No comments yet