Microsoft Visual Studio 2005 WMI Object Broker Remote Code Execution Vulnerability

"Microsoft Visual Studio 2005 is prone to a vulnerability that could allow remote attackers to execute arbitrary code. This issue occurs because of an unspecified error in the WMI Object Broker ActiveX Control." is description of latest IE 6/Visual Studio 2005 Vulnerability.
The Vulnerability is very dangerous and can allow remote code execution as well as file upload/download.

So, all of our workers, please upgrade your IE version to 7 or switch to Windows Vista :)

 

More info and "Proof of concept" exploit you can find at: http://www.securityfocus.com/bid/20843/info

P.S. Take look at Perl exploit written for this Vulnerability, it is veeeery powerful ;)


Posted Dec 21 2006, 01:07 PM by Armin Kalajdzija
Filed under:
developers.de is a .Net Community Blog powered by daenet GmbH.