Check Point Advisories

Preemptive Protection against Microsoft XML Remote Code Execution Vulnerability (MS06-071)

Check Point Reference: CPAI-2006-134
Date Published: 14 Nov 2006
Severity: Critical
Last Updated: Thursday 03 May, 2007
Source: Microsoft Security Bulletin MS06-071
Industry Reference:CVE-2006-5745
Protection Provided by:
Who is Vulnerable? Microsoft XML Core Services 4.0 for Windows 2000 SP4
Microsoft XML Core Services 4.0 for Microsoft Windows XP SP2
Microsoft XML Core Services 4.0 for Microsoft Windows Server 2003
Microsoft XML Core Services 4.0 for Microsoft Windows Server 2003 SP1
Vulnerability Description XMLHTTP, an ActiveX control that is included in Microsoft XML Core Services (MSXML), is vulnerable to remote code execution. MSXML is an application for processing Extensible Stylesheet Language Transformation in an XML file that allows programmers to create high-performance XML-based applications. XMLHTTP allows web pages to transmit or receive XML data. By convincing a user to visit a specially crafted Web page, a remote attacker may trigger this vulnerability to deny service from legitimate users (by causing the victim's Web browser to crash) or execute arbitrary code on an affected system.
Update/Patch AvaliableApply patches:
Microsoft Security Bulletin MS06-071
Vulnerability DetailsThe vulnerability is due to a memory corruption flaw in the XMLHTTP ActiveX Control when processing a specially crafted argument passed to a 'setRequestHeader' method. An attacker can trigger this flaw by convincing a user to view a specially crafted HTML document. Successful exploitation could result in the crashing of the victim's Web browser, once the malicious page is loaded allowing execution of arbitrary code.

Protection Overview

This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.