CVE-2006-5745

CVE Database · CVE-2006-5745

CVE-2006-5745

· N/AModified

CVSS v3.1

N/A

EPSS

75.78%

Published

Nov 6, 2006

Modified

Apr 22, 2026

Public PoC / Exploit (5)

All weaponized →

Exploit-DBMicrosoft Internet Explorer - XML Core Services HTTP Request Handling (MS06-071) (Metasploit)Exploit-DBMicrosoft Internet Explorer 6/7 - XML Core Services Remote Code Execution (1)Exploit-DBMicrosoft Internet Explorer 6/7 - XML Core Services Remote Code Execution (2)Exploit-DBMicrosoft Internet Explorer 6/7 - XML Core Services Remote Code Execution (3)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a different vulnerability than CVE-2006-4685. NOTE: some of these details are obtained from third party information.

Affected Products (1)

microsoft · xml_core_servicesvulnerable

References (20)

http://blogs.securiteam.com/?p=717

http://secunia.com/advisories/22687

Vendor Advisory

http://securitytracker.com/id?1017157

http://www.iss.net/threats/239.html

http://www.kb.cert.org/vuls/id/585137

US Government Resource

http://www.microsoft.com/technet/security/advisory/927892.mspx

http://www.securityfocus.com/bid/20915

Exploit

http://www.us-cert.gov/cas/techalerts/TA06-318A.html

US Government Resource

http://www.vupen.com/english/advisories/2006/4334

KEV Catalog EPSS Scores Vendors All CVEs