virus logo Intrusion Prevention

MS.WMIScriptUtils.Dll.WMIObjectBroker2.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit a remote Code Execution vulnerability in WMI Object Broker ActiveX Control.
The vulnerability, which is located in the "WMIScriptUtils.dll" ActiveX control, can be exploited through misuse of the "WMIObjectBroker2" property. It may allow remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely cause the program to crash, resulting in a Denial of Service condition.

affected-products-logoAffected Products

Microsoft Visual Studio 2005 Team Edition for Testers
Microsoft Visual Studio 2005 Team Edition for Developers
Microsoft Visual Studio 2005 Team Edition for Architects
Microsoft Visual Studio 2005 Team Edition
Microsoft Visual Studio 2005 Standard Edition
Microsoft Visual Studio 2005 Professional Edition
Microsoft Visual Studio 2005
Avaya Web Messenger
Avaya VPNmanagerTM Console
Avaya Visual Vector Client
Avaya Visual Messenger TM
Avaya Unified Messenger (r)
Avaya Unified Communications Center S3400
Avaya Unified Communication Center
Avaya Speech Access
Avaya Outbound Contact Management
Avaya Operational Analyst
Avaya OctelDesignerTM
Avaya OctelAccess(r) Server
Avaya Network Reporting
Avaya Modular Messaging (MSS) 2.0 SP4
Avaya Modular Messaging (MSS) 2.0
Avaya Modular Messaging (MSS) 1.1
Avaya Modular Messaging (MAS) 3.0
Avaya Modular Messaging (MAS)
Avaya Modular Messaging S3400
Avaya IP Softphone
Avaya IP Agent
Avaya Interaction Center - Voice Quick Start
Avaya Interaction Center
Avaya Integrated Management 2.1
Avaya Integrated Management
Avaya Enterprise Management
Avaya CVLAN
Avaya Contact Center Express
Avaya Computer Telephony
Avaya CMS Supervisor 0
Avaya Basic Call Management System Reporting Desktop server
Avaya Basic Call Management System Reporting Desktop
Avaya Agent Access

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the latest update from the vendor.
Microsoft Visual Studio 2005
http://www.microsoft.com/downloads/details.aspx?familyid=C2682C53-8E9A-4C7D-B782-BE78512DCBFA&displaylang=en

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 29601
Created Oct 27, 2011
Updated Nov 08, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2006-4704
Exploit Prediction Score 96.49%
Default Action drop
Active
Affected OS Windows
Affected App Other