7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.482 Medium
EPSS
Percentile
97.5%
Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a large length value in an .ACF file, which results in a heap-based buffer overflow.
secunia.com/advisories/22878
securitytracker.com/id?1017222
www.coseinc.com/alert.html
www.kb.cert.org/vuls/id/810772
www.securityfocus.com/archive/1/458558/100/0/threaded
www.securityfocus.com/bid/21034
www.us-cert.gov/cas/techalerts/TA06-318A.html
www.vupen.com/english/advisories/2006/4506
docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-068
exchange.xforce.ibmcloud.com/vulnerabilities/29945
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A154