Advisory Details

December 12th, 2006

Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability

ZDI-06-047
ZDI-CAN-068

CVE ID CVE-2006-4704
CVSS SCORE
AFFECTED VENDORS Microsoft
AFFECTED PRODUCTS Visual Studio 2005
TREND MICRO CUSTOMER PROTECTION Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID ['4838']. For further product information on the TippingPoint IPS: http://www.tippingpoint.com
VULNERABILITY DETAILS

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. Successful exploitation requires that the target user browse to a malicious web page.

The specific flaw exists in the Microsoft WMIScriptUtils.WMIObjectBroker2 ActiveX control which is bundled with Visual Studio 2005. An attacker can utilize this control to bypass Internet zone security restrictions and instantiate other dangerous objects that can be leveraged to result in arbitrary code execution.

ADDITIONAL DETAILS Microsoft has issued an update to correct this vulnerability. More details can be found at:
http://www.microsoft.com/technet/security/Bulletin/MS06-073.mspx
DISCLOSURE TIMELINE
  • 2006-06-15 - Vulnerability reported to vendor
  • 2006-12-12 - Coordinated public release of advisory
CREDIT Anonymous
BACK TO ADVISORIES