Buffer Overflow in Microsoft XML Parser and XML Core Services
CVE-2006-4686

Currently unrated

Key Information:

Vendor: Microsoft
Status: Xml Core Services; Xml Parser
Vendor: CVE Published:; 10 October 2006

What is CVE-2006-4686?

A buffer overflow vulnerability exists in the Extensible Stylesheet Language Transformations (XSLT) processing of Microsoft XML Parser and XML Core Services. This flaw can allow remote attackers to craft malicious web pages that, when accessed, may lead to arbitrary code execution on the affected systems. Users are encouraged to implement security updates to mitigate the risks associated with this vulnerability.

References

http://secunia.com/advisories/22333

third-party-advisoryx_refsource_SECUNIA

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securityfocus.com/archive/1/449179/100/0/threaded

vendor-advisoryx_refsource_HP

EPSS Score

28% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 10, 2006
Vulnerability Reserved
Sep 11, 2006