=====================================================================
                                    CERT-Renater

                         Note d'Information No. 2006/VULN556
_____________________________________________________________________

DATE                      : 13/12/2006

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Visual Studio 2005.

======================================================================

MS06-073 - Vulnerability in Visual Studio 2005 Could Allow Remote
Code Execution (925674)

Affected Software:
  - Microsoft Visual Studio 2005

Full MS06-073 Advisory:
  http://www.microsoft.com/technet/security/Bulletin/MS06-073.mspx

Vulerability Details

WMI Object Broker Vulnerability
CVE-2006-4704

A remote code execution vulnerability exists in the WMI Object Broker control
that the WMI Wizard uses in Visual Studio 2005.An attacker could exploit the
vulnerability by constructing a specially crafted Web page that could
potentially allow remote code execution if a user viewed the Web page. An
attacker who successfully exploited this vulnerability could take complete
control of an affected system.

======================================================================

           =========================================================
           Les serveurs de référence du CERT-Renater
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================