Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2006-4685
HistoryOct 10, 2006 - 10:07 p.m.

CVE-2006-4685

2006-10-1022:07:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
27
cve-2006-4685
microsoft xml parser
xml core services
activex
security vulnerability
http redirect
remote code execution
nvd

6.7 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.109 Low

EPSS

Percentile

95.1%

JSON

The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 does not properly handle HTTP server-side redirects, which allows remote user-assisted attackers to access content from other domains.

Related

cert 1
nessus 1
securityvulns 1
cve 1
cert
cert
Microsoft XML Core Services XMLHTTP ActiveX control fails to properly interpret certain HTTP operations
2006-10-11 00:00:00
nessus
nessus
MS06-061: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191)
2006-10-10 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS06-061 Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191)
2006-10-11 00:00:00
cve
cve
CVE-2006-5745
2006-11-06 18:07:00

6.7 Medium

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.109 Low

EPSS

Percentile

95.1%

JSON
Related for CVE-2006-4685
cert1nessus1securityvulns1cve1