Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2006-0020
HistoryJan 10, 2006 - 9:03 p.m.

CVE-2006-0020

2006-01-1021:03:00
CWE-189
[email protected]
web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.974 High

EPSS

Percentile

99.9%

JSON

An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka “WMF Image Parsing Memory Corruption Vulnerability.”

Affected configurations

NVD
Node
microsoftwindows_2000sp4fr
OR
microsoftwindows_2003_serverMatchr2
OR
microsoftwindows_2003_serverMatchsp1
OR
microsoftwindows_98gold
OR
microsoftwindows_98se
OR
microsoftwindows_me
OR
microsoftwindows_xpsp1tablet_pc
OR
microsoftwindows_xpsp2tablet_pc

Related

cve 4
cvelist 4
prion 3
checkpoint_advisories 3
saint 4
securityvulns 5
nessus 2
canvas 1
packetstorm 1
cert 2
ubuntucve 2
nvd 3
debiancve 1
cve
cve
CVE-2006-0020
2006-01-10 21:03:00
CVE-2007-1211
2007-04-04 16:19:00
CVE-2006-0106
2006-01-06 18:03:00
cvelist
cvelist
CVE-2006-0020
2006-01-10 21:00:00
CVE-2006-0106
2006-01-06 18:00:00
CVE-2007-1211
2007-04-04 16:00:00
prion
prion
Integer overflow
2006-01-10 21:03:00
Code injection
2006-01-06 18:03:00
Sql injection
2007-04-04 16:19:00
checkpoint_advisories
checkpoint_advisories
WMF and EMF Files (CVE-2005-2123; CVE-2005-2124; CVE-2005-4560; CVE-2006-0020)
2006-02-22 00:00:00
Microsoft Windows WMF Handling Arbitrary Code Execution (CVE-2005-4560)
2010-03-22 00:00:00
Internet Explorer WMF Image Parsing Memory Corruption (CVE-2006-0020)
2010-02-14 00:00:00
saint
saint
Windows WMF handling vulnerability
2005-12-30 00:00:00
Windows WMF handling vulnerability
2005-12-30 00:00:00
Windows WMF handling vulnerability
2005-12-30 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS06-001 Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919)
2006-01-07 00:00:00
US-CERT Technical Cyber Security Alert TA05-362A -- Microsoft Windows Metafile Handling Buffer Overflow
2005-12-29 00:00:00
Lotus Notes WMF File Handling Code Execution Vulnerability
2005-12-30 00:00:00
nessus
nessus
MS06-001: Vulnerabilities in Graphics Rendering Engine Could Allow Code Execution (912919)
2006-01-05 00:00:00
MS06-004: Cumulative Security Update for Internet Explorer (910620)
2006-02-14 00:00:00
canvas
canvas
Immunity Canvas: WMF_SETABORT
2005-12-28 19:03:00
packetstorm
packetstorm
Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution
2009-11-26 00:00:00
cert
cert
Microsoft Windows Metafile handler SETABORTPROC GDI Escape vulnerability
2005-12-28 00:00:00
Microsoft WMF memory corruption vulnerability
2006-02-09 00:00:00
ubuntucve
ubuntucve
CVE-2006-0106
2006-01-06 00:00:00
CVE-2005-4560
2005-12-28 00:00:00
nvd
nvd
CVE-2006-0106
2006-01-06 18:03:00
CVE-2007-1211
2007-04-04 16:19:00
CVE-2005-4560
2005-12-28 19:03:00
debiancve
debiancve
CVE-2006-0106
2006-01-06 18:03:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.974 High

EPSS

Percentile

99.9%

JSON
Related for NVD:CVE-2006-0020
cve4cvelist4prion3checkpoint_advisories3saint4securityvulns5nessus2canvas1packetstorm1cert2ubuntucve2nvd3debiancve1