Alerts
Alerts
Zero-Day Tracker
Common Name:
WMI Object Broker ActiveX
Date Disclosed:
08/10/2006
Date Patched:
12/12/2006
Vendor:
Microsoft
Application:
Visual Studio 2005
Description:
A remote code execution vulnerability exists within Visual Studio 2005's WMI Object Broker ActiveX object which may be exploited by attackers to execute arbitrary code on a remote system by a specially-crafted website.
Severity:
High
Code Execution:
Yes
Impact:
Arbitrary code execution under the context of the logged in user
An ActiveX remote code execution vulnerability has a very high impact since the source of the malicious payload can be any site on the Internet. An even more critical problem is generated when clients are administrators on their local hosts, which would run the malicious payload with Administrator credentials.
Mitigation:
The best form of mitigation is available by kill-bitting the CLSIDs for the WMI Object Broker ActiveX Control (7F5B7F63-F06F-4331-8A26-339E03C0AE3D) following the directions of KB240797.
NOTE:The Microsoft patch will kill-bit the ActiveX, as well as update the binary.
Protection:
Patch:
Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674)
Links:
CVE-2006-4704
Microsoft Security Advisory (927709)
Metasploit Plugin - Internet Explorer COM CreateObject Code Execution
Status:
8/10/2006: Metasploit Plugin Released
12/12/2006: Microsoft Patch Released
Common Name:
WMI Object Broker ActiveX
Date Disclosed:
08/10/2006
Date Patched:
12/12/2006
Vendor:
Microsoft
Application:
Visual Studio 2005
Description:
A remote code execution vulnerability exists within Visual Studio 2005's WMI Object Broker ActiveX object which may be exploited by attackers to execute arbitrary code on a remote system by a specially-crafted website.
Severity:
High
Code Execution:
Yes
Impact:
Arbitrary code execution under the context of the logged in user
An ActiveX remote code execution vulnerability has a very high impact since the source of the malicious payload can be any site on the Internet. An even more critical problem is generated when clients are administrators on their local hosts, which would run the malicious payload with Administrator credentials.
Mitigation:
The best form of mitigation is available by kill-bitting the CLSIDs for the WMI Object Broker ActiveX Control (7F5B7F63-F06F-4331-8A26-339E03C0AE3D) following the directions of KB240797.
NOTE:The Microsoft patch will kill-bit the ActiveX, as well as update the binary.
Protection:
- eEye's Retina® Network Security Scanner scans devices to detect for this vulnerability.
Patch:
Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674)
Links:
CVE-2006-4704
Microsoft Security Advisory (927709)
Metasploit Plugin - Internet Explorer COM CreateObject Code Execution
Status:
8/10/2006: Metasploit Plugin Released
12/12/2006: Microsoft Patch Released
