Vulnerabilities > CVE-2006-5745 - Remote Code Execution vulnerability in Microsoft XML Core Services 4.0
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a different vulnerability than CVE-2006-4685. NOTE: some of these details are obtained from third party information.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Internet Explorer XML Core Services HTTP Request Handling. CVE-2006-5745. Remote exploit for windows platform id EDB-ID:16532 last seen 2016-02-02 modified 2010-07-03 published 2010-07-03 reporter metasploit source https://www.exploit-db.com/download/16532/ title Microsoft Internet Explorer - XML Core Services HTTP Request Handling id EDB-ID:2743
Metasploit
description | This module exploits a code execution vulnerability in Microsoft XML Core Services which exists in the XMLHTTP ActiveX control. This module is the modified version of http://www.milw0rm.com/exploits/2743 - credit to str0ke. This module has been successfully tested on Windows 2000 SP4, Windows XP SP2, Windows 2003 Server SP0 with IE6 \+ Microsoft XML Core Services 4.0 SP2. |
id | MSF:EXPLOIT/WINDOWS/BROWSER/MS06_071_XML_CORE |
last seen | 2020-06-13 |
modified | 2017-09-09 |
published | 2007-10-24 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5745 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/browser/ms06_071_xml_core.rb |
title | MS06-071 Microsoft Internet Explorer XML Core Services HTTP Request Handling |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS06-071.NASL |
description | The remote host is running a version of Windows that contains a flaw in the Windows XML Core Services. An attacker may be able to execute arbitrary code on the remote host by constructing a malicious script and enticing a victim to visit a website or view a specially crafted email message. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 23647 |
published | 2006-11-14 |
reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/23647 |
title | MS06-071: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (928088) |
code |
|
Oval
accepted | 2007-02-20T13:39:27.419-05:00 | ||||||||
class | vulnerability | ||||||||
contributors |
| ||||||||
definition_extensions |
| ||||||||
description | Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a different vulnerability than CVE-2006-4685. NOTE: some of these details are obtained from third party information. | ||||||||
family | windows | ||||||||
id | oval:org.mitre.oval:def:104 | ||||||||
status | accepted | ||||||||
submitted | 2006-11-15T12:28:05 | ||||||||
title | Microsoft XML Core Services Vulnerability | ||||||||
version | 65 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/83032/ms06_071_xml_core.rb.txt |
id | PACKETSTORM:83032 |
last seen | 2016-12-05 |
published | 2009-11-26 |
reporter | Trirat Puttaraksa |
source | https://packetstormsecurity.com/files/83032/Internet-Explorer-XML-Core-Services-HTTP-Request-Handling.html |
title | Internet Explorer XML Core Services HTTP Request Handling |
Saint
bid | 20915 |
description | Microsoft XMLHTTP ActiveX control setRequestHeader vulnerability |
id | win_patch_ie_xmlsetrequestheader |
osvdb | 30208 |
title | microsoft_xmlhttp_setrequestheader |
type | client |
References
- http://blogs.securiteam.com/?p=717
- http://secunia.com/advisories/22687
- http://securitytracker.com/id?1017157
- http://www.iss.net/threats/239.html
- http://www.kb.cert.org/vuls/id/585137
- http://www.microsoft.com/technet/security/advisory/927892.mspx
- http://www.securityfocus.com/bid/20915
- http://www.us-cert.gov/cas/techalerts/TA06-318A.html
- http://www.vupen.com/english/advisories/2006/4334
- http://xforce.iss.net/xforce/alerts/id/239
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-071
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30004
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A104
- https://www.exploit-db.com/exploits/2743