CVE-2006-4686 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-4686

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted Web page.

Affected Software

Name	Vendor	Start Version	End Version
Xml_core_services	Microsoft	3.0	3.0
Xml_core_services	Microsoft	4.0	4.0
Xml_core_services	Microsoft	6.0	6.0
Xml_parser	Microsoft	2.6	2.6

References

http://www.kb.cert.org/vuls/id/562788
http://www.securityfocus.com/bid/20338
http://securitytracker.com/id?1017033
http://secunia.com/advisories/22333
http://www.osvdb.org/29426
http://www.vupen.com/english/advisories/2006/3980
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A285
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-061
http://www.securityfocus.com/archive/1/449179/100/0/threaded