CVE-2006-4686

Currently unrated

Key Information:

Vendor: Microsoft
Status: Xml Core Services; Xml Parser
Vendor: CVE Published:; 10 October 2006

Summary

Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page.

References

http://secunia.com/advisories/22333

third-party-advisoryx_refsource_SECUNIA

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securityfocus.com/archive/1/449179/100/0/threaded

vendor-advisoryx_refsource_HP

EPSS Score

60% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 10, 2006
Vulnerability Reserved
Sep 11, 2006

Collectors

NVD DatabaseMitre Database