Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka “WMI Object Broker Vulnerability.”
blogs.technet.com/msrc/archive/2006/11/01/microsoft-security-advisory-927709-posted.aspx
research.eeye.com/html/alerts/zeroday/20061031.html
secunia.com/advisories/22603
securitytracker.com/id?1017142
www.kb.cert.org/vuls/id/854856
www.microsoft.com/technet/security/advisory/927709.mspx
www.securityfocus.com/archive/1/454201/100/0/threaded
www.securityfocus.com/archive/1/454969/100/200/threaded
www.securityfocus.com/bid/20797
www.securityfocus.com/bid/20843
www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdf
www.us-cert.gov/cas/techalerts/TA06-346A.html
www.vupen.com/english/advisories/2006/4282
www.zerodayinitiative.com/advisories/ZDI-06-047.html
docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-073
exchange.xforce.ibmcloud.com/vulnerabilities/29915
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A288