CVE-2006-4704
EXPLOITEDMicrosoft Visual Studio 2005 - XSS
Title source: llmDescription
Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote attackers to bypass Internet zone restrictions and execute arbitrary code by instantiating dangerous objects, aka "WMI Object Broker Vulnerability."
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16561
metasploit
WORKING POC
EXCELLENT
by hdm · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ie_createobject.rb
References (17)
Scores
EPSS
0.7213
EPSS Percentile
98.8%
Details
VulnCheck KEV
2007-01-09
Status
published
Products (1)
microsoft/visual_studio_.net
2005
Published
Nov 01, 2006
Tracked Since
Feb 18, 2026