CVE-2006-5745

high Microsoft
CVSS v3 Base Score
7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C
EPSS Score
87.4%
Exploitation probability in 30 days
Top 1% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
High
Confidentiality
C
Integrity
C
Availability
C
Published: November 6, 2006 (7128 days ago)
Last Modified: April 23, 2026
Vendor: Microsoft
Source: NVD

Description

Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote attackers to execute arbitrary code via crafted arguments that lead to memory corruption, a different vulnerability than CVE-2006-4685. NOTE: some of these details are obtained from third party information.

CWE

NVD-CWE-Other

Affected Products

microsoft xml core services

References

🔗 blogs.securiteam.com 🔗 secunia.com 🔗 securitytracker.com 🔗 www.iss.net 🔗 www.kb.cert.org