Lucene search

K

[email protected]NVD:CVE-2006-3439

HistoryAug 09, 2006 - 1:04 a.m.

CVE-2006-3439

2006-08-0901:04:00

[email protected]

web.nvd.nist.gov

5

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.965

Percentile

99.6%

Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.

Affected configurations

Nvd

Node

microsoftwindows_2000sp4fr

OR

microsoftwindows_2003_serverMatch64-bit

OR

microsoftwindows_2003_serverMatchitanium

OR

microsoftwindows_2003_serverMatchr2

OR

microsoftwindows_2003_serverMatchsp1

OR

microsoftwindows_2003_serverMatchsp1itanium

OR

microsoftwindows_xp64-bit

OR

microsoftwindows_xpsp1tablet_pc

OR

microsoftwindows_xpsp2tablet_pc

References

secunia.com/advisories/21388

securitytracker.com/id?1016667

www.cisco.com/en/US/products/ps6120/tsd_products_security_response09186a008070c75a.html

www.dhs.gov/dhspublic/display?content=5789

www.kb.cert.org/vuls/id/650769

www.securityfocus.com/bid/19409

www.us-cert.gov/cas/techalerts/TA06-220A.html

www.vupen.com/english/advisories/2006/3210

docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-040

exchange.xforce.ibmcloud.com/vulnerabilities/28002

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A492

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.965

Percentile

99.6%

Related for NVD:CVE-2006-3439

cvelist2 cve2 openvas1 cert2 checkpoint_advisories5 securityvulns3 nvd1 prion1 metasploit1 nessus5 canvas1 saint4 packetstorm1 exploitdb3 trendmicroblog1