Search criteria
758 vulnerabilities found for windows_nt by microsoft
CVE-2010-0232 (GCVE-0-2010-0232)
Vulnerability from cvelistv5 – Published: 2010-01-21 19:00 – Updated: 2025-10-22 00:05
VLAI?
Summary
The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka "Windows Kernel Exception Handler Vulnerability."
Severity ?
7.8 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[dailydave] 20100119 We hold these axioms to be self evident",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.immunitysec.com/pipermail/dailydave/2010-January/006000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lock.cmpxchg8b.com/c0af0967d904cef2ad4db766a00bc6af/KiTrap0D.zip"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.technet.com/msrc/archive/2010/01/20/security-advisory-979682-released.aspx"
},
{
"name": "MS10-015",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-015"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.microsoft.com/technet/security/advisory/979682.mspx"
},
{
"name": "TA10-040A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html"
},
{
"name": "1023471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023471"
},
{
"name": "20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2010/Jan/341"
},
{
"name": "ADV-2010-0179",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0179"
},
{
"name": "37864",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37864"
},
{
"name": "38265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38265"
},
{
"name": "20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/509106/100/0/threaded"
},
{
"name": "ms-win-gptrap-privilege-escalation(55742)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55742"
},
{
"name": "oval:org.mitre.oval:def:8344",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8344"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2010-0232",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T18:28:06.324249Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0232"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T00:05:53.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0232"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-03T00:00:00+00:00",
"value": "CVE-2010-0232 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka \"Windows Kernel Exception Handler Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "[dailydave] 20100119 We hold these axioms to be self evident",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.immunitysec.com/pipermail/dailydave/2010-January/006000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lock.cmpxchg8b.com/c0af0967d904cef2ad4db766a00bc6af/KiTrap0D.zip"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.technet.com/msrc/archive/2010/01/20/security-advisory-979682-released.aspx"
},
{
"name": "MS10-015",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-015"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.microsoft.com/technet/security/advisory/979682.mspx"
},
{
"name": "TA10-040A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html"
},
{
"name": "1023471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023471"
},
{
"name": "20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2010/Jan/341"
},
{
"name": "ADV-2010-0179",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0179"
},
{
"name": "37864",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37864"
},
{
"name": "38265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38265"
},
{
"name": "20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/509106/100/0/threaded"
},
{
"name": "ms-win-gptrap-privilege-escalation(55742)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55742"
},
{
"name": "oval:org.mitre.oval:def:8344",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8344"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-0232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka \"Windows Kernel Exception Handler Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[dailydave] 20100119 We hold these axioms to be self evident",
"refsource": "MLIST",
"url": "http://lists.immunitysec.com/pipermail/dailydave/2010-January/006000.html"
},
{
"name": "http://lock.cmpxchg8b.com/c0af0967d904cef2ad4db766a00bc6af/KiTrap0D.zip",
"refsource": "MISC",
"url": "http://lock.cmpxchg8b.com/c0af0967d904cef2ad4db766a00bc6af/KiTrap0D.zip"
},
{
"name": "http://blogs.technet.com/msrc/archive/2010/01/20/security-advisory-979682-released.aspx",
"refsource": "CONFIRM",
"url": "http://blogs.technet.com/msrc/archive/2010/01/20/security-advisory-979682-released.aspx"
},
{
"name": "MS10-015",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-015"
},
{
"name": "http://www.microsoft.com/technet/security/advisory/979682.mspx",
"refsource": "CONFIRM",
"url": "http://www.microsoft.com/technet/security/advisory/979682.mspx"
},
{
"name": "TA10-040A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html"
},
{
"name": "1023471",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023471"
},
{
"name": "20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2010/Jan/341"
},
{
"name": "ADV-2010-0179",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0179"
},
{
"name": "37864",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37864"
},
{
"name": "38265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38265"
},
{
"name": "20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509106/100/0/threaded"
},
{
"name": "ms-win-gptrap-privilege-escalation(55742)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55742"
},
{
"name": "oval:org.mitre.oval:def:8344",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8344"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2010-0232",
"datePublished": "2010-01-21T19:00:00.000Z",
"dateReserved": "2010-01-07T00:00:00.000Z",
"dateUpdated": "2025-10-22T00:05:53.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5232 (GCVE-0-2008-5232)
Vulnerability from cvelistv5 – Published: 2008-11-26 01:00 – Updated: 2024-08-07 10:49
VLAI?
Summary
Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:49:12.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txt"
},
{
"name": "windowsmediaservices-callhtmlhelp-bo(44629)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44629"
},
{
"name": "30814",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30814"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/0808-exploits/wms-overflow.txt"
},
{
"name": "1020733",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020733"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txt"
},
{
"name": "windowsmediaservices-callhtmlhelp-bo(44629)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44629"
},
{
"name": "30814",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30814"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/0808-exploits/wms-overflow.txt"
},
{
"name": "1020733",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020733"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txt",
"refsource": "MISC",
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txt"
},
{
"name": "windowsmediaservices-callhtmlhelp-bo(44629)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44629"
},
{
"name": "30814",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30814"
},
{
"name": "http://packetstormsecurity.org/0808-exploits/wms-overflow.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0808-exploits/wms-overflow.txt"
},
{
"name": "1020733",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020733"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5232",
"datePublished": "2008-11-26T01:00:00",
"dateReserved": "2008-11-25T00:00:00",
"dateUpdated": "2024-08-07T10:49:12.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6026 (GCVE-0-2007-6026)
Vulnerability from cvelistv5 – Published: 2007-11-20 00:00 – Updated: 2024-08-07 15:54
VLAI?
Summary
Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-04"
},
{
"name": "VU#936529",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/936529"
},
{
"name": "20071116 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483858/100/100/threaded"
},
{
"name": "20071118 Re: [Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483888/100/100/threaded"
},
{
"name": "MS08-028",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028"
},
{
"name": "3376",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3376"
},
{
"name": "oval:org.mitre.oval:def:5578",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5578"
},
{
"name": "20080513 TPTI-08-04: Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/492019/100/0/threaded"
},
{
"name": "28398",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28398"
},
{
"name": "SSRT080071",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"name": "20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058531.html"
},
{
"name": "26468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26468"
},
{
"name": "20071117 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483887/100/100/threaded"
},
{
"name": "TA08-134A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-134A.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ruder.cdut.net/blogview.asp?logID=227"
},
{
"name": "1018976",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018976"
},
{
"name": "HPSBST02336",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"name": "microsoft-jet-engine-mdb-bo(38499)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38499"
},
{
"name": "20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483797/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-04"
},
{
"name": "VU#936529",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/936529"
},
{
"name": "20071116 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483858/100/100/threaded"
},
{
"name": "20071118 Re: [Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483888/100/100/threaded"
},
{
"name": "MS08-028",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028"
},
{
"name": "3376",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3376"
},
{
"name": "oval:org.mitre.oval:def:5578",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5578"
},
{
"name": "20080513 TPTI-08-04: Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/492019/100/0/threaded"
},
{
"name": "28398",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28398"
},
{
"name": "SSRT080071",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"name": "20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058531.html"
},
{
"name": "26468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26468"
},
{
"name": "20071117 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483887/100/100/threaded"
},
{
"name": "TA08-134A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-134A.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ruder.cdut.net/blogview.asp?logID=227"
},
{
"name": "1018976",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018976"
},
{
"name": "HPSBST02336",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"name": "microsoft-jet-engine-mdb-bo(38499)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38499"
},
{
"name": "20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483797/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-04",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-04"
},
{
"name": "VU#936529",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/936529"
},
{
"name": "20071116 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483858/100/100/threaded"
},
{
"name": "20071118 Re: [Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483888/100/100/threaded"
},
{
"name": "MS08-028",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028"
},
{
"name": "3376",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3376"
},
{
"name": "oval:org.mitre.oval:def:5578",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5578"
},
{
"name": "20080513 TPTI-08-04: Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/492019/100/0/threaded"
},
{
"name": "28398",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28398"
},
{
"name": "SSRT080071",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"name": "20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058531.html"
},
{
"name": "26468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26468"
},
{
"name": "20071117 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483887/100/100/threaded"
},
{
"name": "TA08-134A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-134A.html"
},
{
"name": "http://ruder.cdut.net/blogview.asp?logID=227",
"refsource": "MISC",
"url": "http://ruder.cdut.net/blogview.asp?logID=227"
},
{
"name": "1018976",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018976"
},
{
"name": "HPSBST02336",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"name": "microsoft-jet-engine-mdb-bo(38499)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38499"
},
{
"name": "20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483797/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6026",
"datePublished": "2007-11-20T00:00:00",
"dateReserved": "2007-11-19T00:00:00",
"dateUpdated": "2024-08-07T15:54:26.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2401 (GCVE-0-2002-2401)
Vulnerability from cvelistv5 – Published: 2007-11-01 17:00 – Updated: 2024-09-16 16:22
VLAI?
Summary
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.989Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "win-execute-permissions-16bit(10132)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10132.php"
},
{
"name": "20020918 Execution Rights Not Checked Correctly For 16-bit Applications",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0211.html"
},
{
"name": "5740",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5740"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.abtrusion.com/msexe16.asp"
},
{
"name": "319458",
"tags": [
"vendor-advisory",
"x_refsource_MSKB",
"x_transferred"
],
"url": "http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B319458"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-01T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "win-execute-permissions-16bit(10132)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10132.php"
},
{
"name": "20020918 Execution Rights Not Checked Correctly For 16-bit Applications",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0211.html"
},
{
"name": "5740",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5740"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.abtrusion.com/msexe16.asp"
},
{
"name": "319458",
"tags": [
"vendor-advisory",
"x_refsource_MSKB"
],
"url": "http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B319458"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2401",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "win-execute-permissions-16bit(10132)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10132.php"
},
{
"name": "20020918 Execution Rights Not Checked Correctly For 16-bit Applications",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0211.html"
},
{
"name": "5740",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5740"
},
{
"name": "http://www.abtrusion.com/msexe16.asp",
"refsource": "MISC",
"url": "http://www.abtrusion.com/msexe16.asp"
},
{
"name": "319458",
"refsource": "MSKB",
"url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];319458"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2401",
"datePublished": "2007-11-01T17:00:00Z",
"dateReserved": "2007-11-01T00:00:00Z",
"dateUpdated": "2024-09-16T16:22:30.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1407 (GCVE-0-2003-1407)
Vulnerability from cvelistv5 – Published: 2007-10-20 10:00 – Updated: 2024-08-08 02:28
VLAI?
Summary
Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030211 SECURITY.NNOV: Windows NT 4.0/2000 cmd.exe long path buffer overflow/DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/311359"
},
{
"name": "6829",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6829"
},
{
"name": "win-cmd-cd-bo(11329)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11329"
},
{
"name": "3251",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3251"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030211 SECURITY.NNOV: Windows NT 4.0/2000 cmd.exe long path buffer overflow/DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/311359"
},
{
"name": "6829",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6829"
},
{
"name": "win-cmd-cd-bo(11329)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11329"
},
{
"name": "3251",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3251"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1407",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030211 SECURITY.NNOV: Windows NT 4.0/2000 cmd.exe long path buffer overflow/DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/311359"
},
{
"name": "6829",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6829"
},
{
"name": "win-cmd-cd-bo(11329)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11329"
},
{
"name": "3251",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3251"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1407",
"datePublished": "2007-10-20T10:00:00",
"dateReserved": "2007-10-19T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1973 (GCVE-0-2007-1973)
Vulnerability from cvelistv5 – Published: 2007-04-11 23:00 – Updated: 2024-08-07 13:13
VLAI?
Summary
Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:42.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37635",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37635"
},
{
"name": "2563",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2563"
},
{
"name": "20070410 EEYE: Windows VDM Zero Page Race Condition Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/465232/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://research.eeye.com/html/advisories/published/AD20070410a.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \\Device\\PhysicalMemory section handle, a related issue to CVE-2007-1206."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "37635",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37635"
},
{
"name": "2563",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2563"
},
{
"name": "20070410 EEYE: Windows VDM Zero Page Race Condition Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/465232/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://research.eeye.com/html/advisories/published/AD20070410a.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1973",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \\Device\\PhysicalMemory section handle, a related issue to CVE-2007-1206."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37635",
"refsource": "OSVDB",
"url": "http://osvdb.org/37635"
},
{
"name": "2563",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2563"
},
{
"name": "20070410 EEYE: Windows VDM Zero Page Race Condition Privilege Escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/465232/100/0/threaded"
},
{
"name": "http://research.eeye.com/html/advisories/published/AD20070410a.html",
"refsource": "MISC",
"url": "http://research.eeye.com/html/advisories/published/AD20070410a.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1973",
"datePublished": "2007-04-11T23:00:00",
"dateReserved": "2007-04-11T00:00:00",
"dateUpdated": "2024-08-07T13:13:42.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1912 (GCVE-0-2007-1912)
Vulnerability from cvelistv5 – Published: 2007-04-10 23:00 – Updated: 2024-08-07 13:13
VLAI?
Summary
Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:41.920Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017901",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017901"
},
{
"name": "23382",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23382"
},
{
"name": "3693",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3693"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017901",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017901"
},
{
"name": "23382",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23382"
},
{
"name": "3693",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3693"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1912",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017901",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017901"
},
{
"name": "23382",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23382"
},
{
"name": "3693",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3693"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1912",
"datePublished": "2007-04-10T23:00:00",
"dateReserved": "2007-04-10T00:00:00",
"dateUpdated": "2024-08-07T13:13:41.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2379 (GCVE-0-2006-2379)
Vulnerability from cvelistv5 – Published: 2006-06-13 19:00 – Updated: 2024-08-07 17:51
VLAI?
Summary
Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:51:04.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18374",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18374"
},
{
"name": "oval:org.mitre.oval:def:1787",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1787"
},
{
"name": "20639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20639"
},
{
"name": "oval:org.mitre.oval:def:1483",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1483"
},
{
"name": "VU#722753",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/722753"
},
{
"name": "oval:org.mitre.oval:def:1776",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1776"
},
{
"name": "TA06-164A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
},
{
"name": "20060627 Re: Is Windows TCP/IP source routing PoC code available?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/438482/100/0/threaded"
},
{
"name": "20060628 Re[2]: Is Windows TCP/IP source routing PoC code available?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/438609/100/0/threaded"
},
{
"name": "1016290",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016290"
},
{
"name": "oval:org.mitre.oval:def:1712",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1712"
},
{
"name": "oval:org.mitre.oval:def:2018",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2018"
},
{
"name": "20060625 Is Windows TCP/IP source routing PoC code available?",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702"
},
{
"name": "win-tcp-ip-driver-bo(26834)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26834"
},
{
"name": "oval:org.mitre.oval:def:1585",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1585"
},
{
"name": "ADV-2006-2329",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2329"
},
{
"name": "MS06-032",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-032"
},
{
"name": "26433",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26433"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "18374",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18374"
},
{
"name": "oval:org.mitre.oval:def:1787",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1787"
},
{
"name": "20639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20639"
},
{
"name": "oval:org.mitre.oval:def:1483",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1483"
},
{
"name": "VU#722753",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/722753"
},
{
"name": "oval:org.mitre.oval:def:1776",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1776"
},
{
"name": "TA06-164A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
},
{
"name": "20060627 Re: Is Windows TCP/IP source routing PoC code available?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/438482/100/0/threaded"
},
{
"name": "20060628 Re[2]: Is Windows TCP/IP source routing PoC code available?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/438609/100/0/threaded"
},
{
"name": "1016290",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016290"
},
{
"name": "oval:org.mitre.oval:def:1712",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1712"
},
{
"name": "oval:org.mitre.oval:def:2018",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2018"
},
{
"name": "20060625 Is Windows TCP/IP source routing PoC code available?",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702"
},
{
"name": "win-tcp-ip-driver-bo(26834)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26834"
},
{
"name": "oval:org.mitre.oval:def:1585",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1585"
},
{
"name": "ADV-2006-2329",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2329"
},
{
"name": "MS06-032",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-032"
},
{
"name": "26433",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26433"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-2379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18374",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18374"
},
{
"name": "oval:org.mitre.oval:def:1787",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1787"
},
{
"name": "20639",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20639"
},
{
"name": "oval:org.mitre.oval:def:1483",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1483"
},
{
"name": "VU#722753",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/722753"
},
{
"name": "oval:org.mitre.oval:def:1776",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1776"
},
{
"name": "TA06-164A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
},
{
"name": "20060627 Re: Is Windows TCP/IP source routing PoC code available?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438482/100/0/threaded"
},
{
"name": "20060628 Re[2]: Is Windows TCP/IP source routing PoC code available?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438609/100/0/threaded"
},
{
"name": "1016290",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016290"
},
{
"name": "oval:org.mitre.oval:def:1712",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1712"
},
{
"name": "oval:org.mitre.oval:def:2018",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2018"
},
{
"name": "20060625 Is Windows TCP/IP source routing PoC code available?",
"refsource": "FULLDISC",
"url": "http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702"
},
{
"name": "win-tcp-ip-driver-bo(26834)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26834"
},
{
"name": "oval:org.mitre.oval:def:1585",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1585"
},
{
"name": "ADV-2006-2329",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2329"
},
{
"name": "MS06-032",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-032"
},
{
"name": "26433",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26433"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-2379",
"datePublished": "2006-06-13T19:00:00",
"dateReserved": "2006-05-15T00:00:00",
"dateUpdated": "2024-08-07T17:51:04.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1184 (GCVE-0-2006-1184)
Vulnerability from cvelistv5 – Published: 2006-05-09 23:00 – Updated: 2024-08-07 17:03
VLAI?
Summary
Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:1912",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1912"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.eeye.com/html/research/advisories/AD20060509b.html"
},
{
"name": "25336",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25336"
},
{
"name": "1016047",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016047"
},
{
"name": "17905",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17905"
},
{
"name": "20060509 [EEYEB20051011B] - Microsoft Distributed Transaction Coordinator Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/433425/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:1779",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1779"
},
{
"name": "oval:org.mitre.oval:def:1295",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1295"
},
{
"name": "msdtc-message-dos(25558)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25558"
},
{
"name": "864",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/864"
},
{
"name": "oval:org.mitre.oval:def:1990",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1990"
},
{
"name": "ADV-2006-1742",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"name": "MS06-018",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"name": "20000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "oval:org.mitre.oval:def:1912",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1912"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.eeye.com/html/research/advisories/AD20060509b.html"
},
{
"name": "25336",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25336"
},
{
"name": "1016047",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016047"
},
{
"name": "17905",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17905"
},
{
"name": "20060509 [EEYEB20051011B] - Microsoft Distributed Transaction Coordinator Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/433425/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:1779",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1779"
},
{
"name": "oval:org.mitre.oval:def:1295",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1295"
},
{
"name": "msdtc-message-dos(25558)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25558"
},
{
"name": "864",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/864"
},
{
"name": "oval:org.mitre.oval:def:1990",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1990"
},
{
"name": "ADV-2006-1742",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"name": "MS06-018",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"name": "20000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20000"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-1184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:1912",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1912"
},
{
"name": "http://www.eeye.com/html/research/advisories/AD20060509b.html",
"refsource": "MISC",
"url": "http://www.eeye.com/html/research/advisories/AD20060509b.html"
},
{
"name": "25336",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25336"
},
{
"name": "1016047",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016047"
},
{
"name": "17905",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17905"
},
{
"name": "20060509 [EEYEB20051011B] - Microsoft Distributed Transaction Coordinator Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433425/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:1779",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1779"
},
{
"name": "oval:org.mitre.oval:def:1295",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1295"
},
{
"name": "msdtc-message-dos(25558)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25558"
},
{
"name": "864",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/864"
},
{
"name": "oval:org.mitre.oval:def:1990",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1990"
},
{
"name": "ADV-2006-1742",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"name": "MS06-018",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"name": "20000",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20000"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-1184",
"datePublished": "2006-05-09T23:00:00",
"dateReserved": "2006-03-13T00:00:00",
"dateUpdated": "2024-08-07T17:03:28.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0034 (GCVE-0-2006-0034)
Vulnerability from cvelistv5 – Published: 2006-05-09 23:00 – Updated: 2024-08-07 16:18
VLAI?
Summary
Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060510 Microsoft MSDTC NdrAllocate Validation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0269.html"
},
{
"name": "oval:org.mitre.oval:def:1222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1222"
},
{
"name": "oval:org.mitre.oval:def:1477",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1477"
},
{
"name": "20060511 Microsoft MSDTC NdrAllocate Validation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/433677/100/0/threaded"
},
{
"name": "17906",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17906"
},
{
"name": "1016047",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016047"
},
{
"name": "25335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25335"
},
{
"name": "20060509 [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html"
},
{
"name": "msdtc-network-message-dos(25559)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25559"
},
{
"name": "20060509 [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/433430/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.eeye.com/html/research/advisories/AD20060509a.html"
},
{
"name": "oval:org.mitre.oval:def:1908",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1908"
},
{
"name": "863",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/863"
},
{
"name": "ADV-2006-1742",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"name": "MS06-018",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"name": "20000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "20060510 Microsoft MSDTC NdrAllocate Validation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0269.html"
},
{
"name": "oval:org.mitre.oval:def:1222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1222"
},
{
"name": "oval:org.mitre.oval:def:1477",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1477"
},
{
"name": "20060511 Microsoft MSDTC NdrAllocate Validation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/433677/100/0/threaded"
},
{
"name": "17906",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17906"
},
{
"name": "1016047",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016047"
},
{
"name": "25335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25335"
},
{
"name": "20060509 [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html"
},
{
"name": "msdtc-network-message-dos(25559)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25559"
},
{
"name": "20060509 [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/433430/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.eeye.com/html/research/advisories/AD20060509a.html"
},
{
"name": "oval:org.mitre.oval:def:1908",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1908"
},
{
"name": "863",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/863"
},
{
"name": "ADV-2006-1742",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"name": "MS06-018",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"name": "20000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20000"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-0034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060510 Microsoft MSDTC NdrAllocate Validation Vulnerability",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0269.html"
},
{
"name": "oval:org.mitre.oval:def:1222",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1222"
},
{
"name": "oval:org.mitre.oval:def:1477",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1477"
},
{
"name": "20060511 Microsoft MSDTC NdrAllocate Validation Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433677/100/0/threaded"
},
{
"name": "17906",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17906"
},
{
"name": "1016047",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016047"
},
{
"name": "25335",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25335"
},
{
"name": "20060509 [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html"
},
{
"name": "msdtc-network-message-dos(25559)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25559"
},
{
"name": "20060509 [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433430/100/0/threaded"
},
{
"name": "http://www.eeye.com/html/research/advisories/AD20060509a.html",
"refsource": "MISC",
"url": "http://www.eeye.com/html/research/advisories/AD20060509a.html"
},
{
"name": "oval:org.mitre.oval:def:1908",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1908"
},
{
"name": "863",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/863"
},
{
"name": "ADV-2006-1742",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"name": "MS06-018",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"name": "20000",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20000"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-0034",
"datePublished": "2006-05-09T23:00:00",
"dateReserved": "2005-11-30T00:00:00",
"dateUpdated": "2024-08-07T16:18:20.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1591 (GCVE-0-2006-1591)
Vulnerability from cvelistv5 – Published: 2006-04-03 10:00 – Updated: 2024-08-07 17:19
VLAI?
Summary
Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:19:48.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "win-winhlp32-hlp-bo(25573)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25573"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.open-security.org/advisories/15"
},
{
"name": "20060413 Windows Help Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/430871/100/0/threaded"
},
{
"name": "700",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/700"
},
{
"name": "20060331 Windows Help Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html"
},
{
"name": "17325",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17325"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "win-winhlp32-hlp-bo(25573)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25573"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.open-security.org/advisories/15"
},
{
"name": "20060413 Windows Help Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/430871/100/0/threaded"
},
{
"name": "700",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/700"
},
{
"name": "20060331 Windows Help Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html"
},
{
"name": "17325",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17325"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1591",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "win-winhlp32-hlp-bo(25573)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25573"
},
{
"name": "http://www.open-security.org/advisories/15",
"refsource": "MISC",
"url": "http://www.open-security.org/advisories/15"
},
{
"name": "20060413 Windows Help Heap Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/430871/100/0/threaded"
},
{
"name": "700",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/700"
},
{
"name": "20060331 Windows Help Heap Overflow",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html"
},
{
"name": "17325",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17325"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1591",
"datePublished": "2006-04-03T10:00:00",
"dateReserved": "2006-04-02T00:00:00",
"dateUpdated": "2024-08-07T17:19:48.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0232 (GCVE-0-2010-0232)
Vulnerability from nvd – Published: 2010-01-21 19:00 – Updated: 2025-10-22 00:05
VLAI?
Summary
The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka "Windows Kernel Exception Handler Vulnerability."
Severity ?
7.8 (High)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[dailydave] 20100119 We hold these axioms to be self evident",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.immunitysec.com/pipermail/dailydave/2010-January/006000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lock.cmpxchg8b.com/c0af0967d904cef2ad4db766a00bc6af/KiTrap0D.zip"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.technet.com/msrc/archive/2010/01/20/security-advisory-979682-released.aspx"
},
{
"name": "MS10-015",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-015"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.microsoft.com/technet/security/advisory/979682.mspx"
},
{
"name": "TA10-040A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html"
},
{
"name": "1023471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023471"
},
{
"name": "20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2010/Jan/341"
},
{
"name": "ADV-2010-0179",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0179"
},
{
"name": "37864",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37864"
},
{
"name": "38265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38265"
},
{
"name": "20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/509106/100/0/threaded"
},
{
"name": "ms-win-gptrap-privilege-escalation(55742)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55742"
},
{
"name": "oval:org.mitre.oval:def:8344",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8344"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2010-0232",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T18:28:06.324249Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0232"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T00:05:53.248Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0232"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-03T00:00:00+00:00",
"value": "CVE-2010-0232 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka \"Windows Kernel Exception Handler Vulnerability.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01.000Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "[dailydave] 20100119 We hold these axioms to be self evident",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.immunitysec.com/pipermail/dailydave/2010-January/006000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lock.cmpxchg8b.com/c0af0967d904cef2ad4db766a00bc6af/KiTrap0D.zip"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.technet.com/msrc/archive/2010/01/20/security-advisory-979682-released.aspx"
},
{
"name": "MS10-015",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-015"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.microsoft.com/technet/security/advisory/979682.mspx"
},
{
"name": "TA10-040A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html"
},
{
"name": "1023471",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023471"
},
{
"name": "20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2010/Jan/341"
},
{
"name": "ADV-2010-0179",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0179"
},
{
"name": "37864",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37864"
},
{
"name": "38265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38265"
},
{
"name": "20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/509106/100/0/threaded"
},
{
"name": "ms-win-gptrap-privilege-escalation(55742)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55742"
},
{
"name": "oval:org.mitre.oval:def:8344",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8344"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2010-0232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges by crafting a VDM_TIB data structure in the Thread Environment Block (TEB), and then calling the NtVdmControl function to start the Windows Virtual DOS Machine (aka NTVDM) subsystem, leading to improperly handled exceptions involving the #GP trap handler (nt!KiTrap0D), aka \"Windows Kernel Exception Handler Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[dailydave] 20100119 We hold these axioms to be self evident",
"refsource": "MLIST",
"url": "http://lists.immunitysec.com/pipermail/dailydave/2010-January/006000.html"
},
{
"name": "http://lock.cmpxchg8b.com/c0af0967d904cef2ad4db766a00bc6af/KiTrap0D.zip",
"refsource": "MISC",
"url": "http://lock.cmpxchg8b.com/c0af0967d904cef2ad4db766a00bc6af/KiTrap0D.zip"
},
{
"name": "http://blogs.technet.com/msrc/archive/2010/01/20/security-advisory-979682-released.aspx",
"refsource": "CONFIRM",
"url": "http://blogs.technet.com/msrc/archive/2010/01/20/security-advisory-979682-released.aspx"
},
{
"name": "MS10-015",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-015"
},
{
"name": "http://www.microsoft.com/technet/security/advisory/979682.mspx",
"refsource": "CONFIRM",
"url": "http://www.microsoft.com/technet/security/advisory/979682.mspx"
},
{
"name": "TA10-040A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-040A.html"
},
{
"name": "1023471",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023471"
},
{
"name": "20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2010/Jan/341"
},
{
"name": "ADV-2010-0179",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0179"
},
{
"name": "37864",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37864"
},
{
"name": "38265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38265"
},
{
"name": "20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509106/100/0/threaded"
},
{
"name": "ms-win-gptrap-privilege-escalation(55742)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55742"
},
{
"name": "oval:org.mitre.oval:def:8344",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8344"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2010-0232",
"datePublished": "2010-01-21T19:00:00.000Z",
"dateReserved": "2010-01-07T00:00:00.000Z",
"dateUpdated": "2025-10-22T00:05:53.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5232 (GCVE-0-2008-5232)
Vulnerability from nvd – Published: 2008-11-26 01:00 – Updated: 2024-08-07 10:49
VLAI?
Summary
Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:49:12.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txt"
},
{
"name": "windowsmediaservices-callhtmlhelp-bo(44629)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44629"
},
{
"name": "30814",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30814"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/0808-exploits/wms-overflow.txt"
},
{
"name": "1020733",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020733"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txt"
},
{
"name": "windowsmediaservices-callhtmlhelp-bo(44629)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44629"
},
{
"name": "30814",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30814"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/0808-exploits/wms-overflow.txt"
},
{
"name": "1020733",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020733"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txt",
"refsource": "MISC",
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txt"
},
{
"name": "windowsmediaservices-callhtmlhelp-bo(44629)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44629"
},
{
"name": "30814",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30814"
},
{
"name": "http://packetstormsecurity.org/0808-exploits/wms-overflow.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0808-exploits/wms-overflow.txt"
},
{
"name": "1020733",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020733"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5232",
"datePublished": "2008-11-26T01:00:00",
"dateReserved": "2008-11-25T00:00:00",
"dateUpdated": "2024-08-07T10:49:12.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6026 (GCVE-0-2007-6026)
Vulnerability from nvd – Published: 2007-11-20 00:00 – Updated: 2024-08-07 15:54
VLAI?
Summary
Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-04"
},
{
"name": "VU#936529",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/936529"
},
{
"name": "20071116 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483858/100/100/threaded"
},
{
"name": "20071118 Re: [Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483888/100/100/threaded"
},
{
"name": "MS08-028",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028"
},
{
"name": "3376",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3376"
},
{
"name": "oval:org.mitre.oval:def:5578",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5578"
},
{
"name": "20080513 TPTI-08-04: Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/492019/100/0/threaded"
},
{
"name": "28398",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28398"
},
{
"name": "SSRT080071",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"name": "20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058531.html"
},
{
"name": "26468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26468"
},
{
"name": "20071117 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483887/100/100/threaded"
},
{
"name": "TA08-134A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-134A.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://ruder.cdut.net/blogview.asp?logID=227"
},
{
"name": "1018976",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018976"
},
{
"name": "HPSBST02336",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"name": "microsoft-jet-engine-mdb-bo(38499)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38499"
},
{
"name": "20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/483797/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-04"
},
{
"name": "VU#936529",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/936529"
},
{
"name": "20071116 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483858/100/100/threaded"
},
{
"name": "20071118 Re: [Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483888/100/100/threaded"
},
{
"name": "MS08-028",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028"
},
{
"name": "3376",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3376"
},
{
"name": "oval:org.mitre.oval:def:5578",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5578"
},
{
"name": "20080513 TPTI-08-04: Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/492019/100/0/threaded"
},
{
"name": "28398",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28398"
},
{
"name": "SSRT080071",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"name": "20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058531.html"
},
{
"name": "26468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26468"
},
{
"name": "20071117 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483887/100/100/threaded"
},
{
"name": "TA08-134A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-134A.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://ruder.cdut.net/blogview.asp?logID=227"
},
{
"name": "1018976",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018976"
},
{
"name": "HPSBST02336",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"name": "microsoft-jet-engine-mdb-bo(38499)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38499"
},
{
"name": "20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/483797/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-04",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-04"
},
{
"name": "VU#936529",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/936529"
},
{
"name": "20071116 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483858/100/100/threaded"
},
{
"name": "20071118 Re: [Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483888/100/100/threaded"
},
{
"name": "MS08-028",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028"
},
{
"name": "3376",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3376"
},
{
"name": "oval:org.mitre.oval:def:5578",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5578"
},
{
"name": "20080513 TPTI-08-04: Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/492019/100/0/threaded"
},
{
"name": "28398",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28398"
},
{
"name": "SSRT080071",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"name": "20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058531.html"
},
{
"name": "26468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26468"
},
{
"name": "20071117 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483887/100/100/threaded"
},
{
"name": "TA08-134A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-134A.html"
},
{
"name": "http://ruder.cdut.net/blogview.asp?logID=227",
"refsource": "MISC",
"url": "http://ruder.cdut.net/blogview.asp?logID=227"
},
{
"name": "1018976",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018976"
},
{
"name": "HPSBST02336",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"name": "microsoft-jet-engine-mdb-bo(38499)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38499"
},
{
"name": "20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483797/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6026",
"datePublished": "2007-11-20T00:00:00",
"dateReserved": "2007-11-19T00:00:00",
"dateUpdated": "2024-08-07T15:54:26.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2401 (GCVE-0-2002-2401)
Vulnerability from nvd – Published: 2007-11-01 17:00 – Updated: 2024-09-16 16:22
VLAI?
Summary
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.989Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "win-execute-permissions-16bit(10132)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10132.php"
},
{
"name": "20020918 Execution Rights Not Checked Correctly For 16-bit Applications",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0211.html"
},
{
"name": "5740",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5740"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.abtrusion.com/msexe16.asp"
},
{
"name": "319458",
"tags": [
"vendor-advisory",
"x_refsource_MSKB",
"x_transferred"
],
"url": "http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B319458"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-01T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "win-execute-permissions-16bit(10132)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10132.php"
},
{
"name": "20020918 Execution Rights Not Checked Correctly For 16-bit Applications",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0211.html"
},
{
"name": "5740",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5740"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.abtrusion.com/msexe16.asp"
},
{
"name": "319458",
"tags": [
"vendor-advisory",
"x_refsource_MSKB"
],
"url": "http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3B319458"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2401",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "win-execute-permissions-16bit(10132)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10132.php"
},
{
"name": "20020918 Execution Rights Not Checked Correctly For 16-bit Applications",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0211.html"
},
{
"name": "5740",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5740"
},
{
"name": "http://www.abtrusion.com/msexe16.asp",
"refsource": "MISC",
"url": "http://www.abtrusion.com/msexe16.asp"
},
{
"name": "319458",
"refsource": "MSKB",
"url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];319458"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2401",
"datePublished": "2007-11-01T17:00:00Z",
"dateReserved": "2007-11-01T00:00:00Z",
"dateUpdated": "2024-09-16T16:22:30.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1407 (GCVE-0-2003-1407)
Vulnerability from nvd – Published: 2007-10-20 10:00 – Updated: 2024-08-08 02:28
VLAI?
Summary
Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030211 SECURITY.NNOV: Windows NT 4.0/2000 cmd.exe long path buffer overflow/DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/311359"
},
{
"name": "6829",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6829"
},
{
"name": "win-cmd-cd-bo(11329)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11329"
},
{
"name": "3251",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3251"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030211 SECURITY.NNOV: Windows NT 4.0/2000 cmd.exe long path buffer overflow/DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/311359"
},
{
"name": "6829",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6829"
},
{
"name": "win-cmd-cd-bo(11329)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11329"
},
{
"name": "3251",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3251"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1407",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030211 SECURITY.NNOV: Windows NT 4.0/2000 cmd.exe long path buffer overflow/DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/311359"
},
{
"name": "6829",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6829"
},
{
"name": "win-cmd-cd-bo(11329)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11329"
},
{
"name": "3251",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3251"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1407",
"datePublished": "2007-10-20T10:00:00",
"dateReserved": "2007-10-19T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1973 (GCVE-0-2007-1973)
Vulnerability from nvd – Published: 2007-04-11 23:00 – Updated: 2024-08-07 13:13
VLAI?
Summary
Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:42.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37635",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37635"
},
{
"name": "2563",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2563"
},
{
"name": "20070410 EEYE: Windows VDM Zero Page Race Condition Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/465232/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://research.eeye.com/html/advisories/published/AD20070410a.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \\Device\\PhysicalMemory section handle, a related issue to CVE-2007-1206."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "37635",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37635"
},
{
"name": "2563",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2563"
},
{
"name": "20070410 EEYE: Windows VDM Zero Page Race Condition Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/465232/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://research.eeye.com/html/advisories/published/AD20070410a.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1973",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \\Device\\PhysicalMemory section handle, a related issue to CVE-2007-1206."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37635",
"refsource": "OSVDB",
"url": "http://osvdb.org/37635"
},
{
"name": "2563",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2563"
},
{
"name": "20070410 EEYE: Windows VDM Zero Page Race Condition Privilege Escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/465232/100/0/threaded"
},
{
"name": "http://research.eeye.com/html/advisories/published/AD20070410a.html",
"refsource": "MISC",
"url": "http://research.eeye.com/html/advisories/published/AD20070410a.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1973",
"datePublished": "2007-04-11T23:00:00",
"dateReserved": "2007-04-11T00:00:00",
"dateUpdated": "2024-08-07T13:13:42.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1912 (GCVE-0-2007-1912)
Vulnerability from nvd – Published: 2007-04-10 23:00 – Updated: 2024-08-07 13:13
VLAI?
Summary
Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:41.920Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017901",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017901"
},
{
"name": "23382",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23382"
},
{
"name": "3693",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/3693"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017901",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017901"
},
{
"name": "23382",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23382"
},
{
"name": "3693",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/3693"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1912",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017901",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017901"
},
{
"name": "23382",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23382"
},
{
"name": "3693",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3693"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1912",
"datePublished": "2007-04-10T23:00:00",
"dateReserved": "2007-04-10T00:00:00",
"dateUpdated": "2024-08-07T13:13:41.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2379 (GCVE-0-2006-2379)
Vulnerability from nvd – Published: 2006-06-13 19:00 – Updated: 2024-08-07 17:51
VLAI?
Summary
Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:51:04.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "18374",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18374"
},
{
"name": "oval:org.mitre.oval:def:1787",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1787"
},
{
"name": "20639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20639"
},
{
"name": "oval:org.mitre.oval:def:1483",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1483"
},
{
"name": "VU#722753",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/722753"
},
{
"name": "oval:org.mitre.oval:def:1776",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1776"
},
{
"name": "TA06-164A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
},
{
"name": "20060627 Re: Is Windows TCP/IP source routing PoC code available?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/438482/100/0/threaded"
},
{
"name": "20060628 Re[2]: Is Windows TCP/IP source routing PoC code available?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/438609/100/0/threaded"
},
{
"name": "1016290",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016290"
},
{
"name": "oval:org.mitre.oval:def:1712",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1712"
},
{
"name": "oval:org.mitre.oval:def:2018",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2018"
},
{
"name": "20060625 Is Windows TCP/IP source routing PoC code available?",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702"
},
{
"name": "win-tcp-ip-driver-bo(26834)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26834"
},
{
"name": "oval:org.mitre.oval:def:1585",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1585"
},
{
"name": "ADV-2006-2329",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2329"
},
{
"name": "MS06-032",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-032"
},
{
"name": "26433",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26433"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "18374",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18374"
},
{
"name": "oval:org.mitre.oval:def:1787",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1787"
},
{
"name": "20639",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20639"
},
{
"name": "oval:org.mitre.oval:def:1483",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1483"
},
{
"name": "VU#722753",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/722753"
},
{
"name": "oval:org.mitre.oval:def:1776",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1776"
},
{
"name": "TA06-164A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
},
{
"name": "20060627 Re: Is Windows TCP/IP source routing PoC code available?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/438482/100/0/threaded"
},
{
"name": "20060628 Re[2]: Is Windows TCP/IP source routing PoC code available?",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/438609/100/0/threaded"
},
{
"name": "1016290",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016290"
},
{
"name": "oval:org.mitre.oval:def:1712",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1712"
},
{
"name": "oval:org.mitre.oval:def:2018",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2018"
},
{
"name": "20060625 Is Windows TCP/IP source routing PoC code available?",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702"
},
{
"name": "win-tcp-ip-driver-bo(26834)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26834"
},
{
"name": "oval:org.mitre.oval:def:1585",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1585"
},
{
"name": "ADV-2006-2329",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2329"
},
{
"name": "MS06-032",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-032"
},
{
"name": "26433",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26433"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-2379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18374",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18374"
},
{
"name": "oval:org.mitre.oval:def:1787",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1787"
},
{
"name": "20639",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20639"
},
{
"name": "oval:org.mitre.oval:def:1483",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1483"
},
{
"name": "VU#722753",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/722753"
},
{
"name": "oval:org.mitre.oval:def:1776",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1776"
},
{
"name": "TA06-164A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
},
{
"name": "20060627 Re: Is Windows TCP/IP source routing PoC code available?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438482/100/0/threaded"
},
{
"name": "20060628 Re[2]: Is Windows TCP/IP source routing PoC code available?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438609/100/0/threaded"
},
{
"name": "1016290",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016290"
},
{
"name": "oval:org.mitre.oval:def:1712",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1712"
},
{
"name": "oval:org.mitre.oval:def:2018",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2018"
},
{
"name": "20060625 Is Windows TCP/IP source routing PoC code available?",
"refsource": "FULLDISC",
"url": "http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702"
},
{
"name": "win-tcp-ip-driver-bo(26834)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26834"
},
{
"name": "oval:org.mitre.oval:def:1585",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1585"
},
{
"name": "ADV-2006-2329",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2329"
},
{
"name": "MS06-032",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-032"
},
{
"name": "26433",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26433"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-2379",
"datePublished": "2006-06-13T19:00:00",
"dateReserved": "2006-05-15T00:00:00",
"dateUpdated": "2024-08-07T17:51:04.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1184 (GCVE-0-2006-1184)
Vulnerability from nvd – Published: 2006-05-09 23:00 – Updated: 2024-08-07 17:03
VLAI?
Summary
Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:1912",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1912"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.eeye.com/html/research/advisories/AD20060509b.html"
},
{
"name": "25336",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25336"
},
{
"name": "1016047",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016047"
},
{
"name": "17905",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17905"
},
{
"name": "20060509 [EEYEB20051011B] - Microsoft Distributed Transaction Coordinator Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/433425/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:1779",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1779"
},
{
"name": "oval:org.mitre.oval:def:1295",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1295"
},
{
"name": "msdtc-message-dos(25558)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25558"
},
{
"name": "864",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/864"
},
{
"name": "oval:org.mitre.oval:def:1990",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1990"
},
{
"name": "ADV-2006-1742",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"name": "MS06-018",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"name": "20000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "oval:org.mitre.oval:def:1912",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1912"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.eeye.com/html/research/advisories/AD20060509b.html"
},
{
"name": "25336",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25336"
},
{
"name": "1016047",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016047"
},
{
"name": "17905",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17905"
},
{
"name": "20060509 [EEYEB20051011B] - Microsoft Distributed Transaction Coordinator Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/433425/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:1779",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1779"
},
{
"name": "oval:org.mitre.oval:def:1295",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1295"
},
{
"name": "msdtc-message-dos(25558)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25558"
},
{
"name": "864",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/864"
},
{
"name": "oval:org.mitre.oval:def:1990",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1990"
},
{
"name": "ADV-2006-1742",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"name": "MS06-018",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"name": "20000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20000"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-1184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:1912",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1912"
},
{
"name": "http://www.eeye.com/html/research/advisories/AD20060509b.html",
"refsource": "MISC",
"url": "http://www.eeye.com/html/research/advisories/AD20060509b.html"
},
{
"name": "25336",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25336"
},
{
"name": "1016047",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016047"
},
{
"name": "17905",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17905"
},
{
"name": "20060509 [EEYEB20051011B] - Microsoft Distributed Transaction Coordinator Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433425/100/0/threaded"
},
{
"name": "oval:org.mitre.oval:def:1779",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1779"
},
{
"name": "oval:org.mitre.oval:def:1295",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1295"
},
{
"name": "msdtc-message-dos(25558)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25558"
},
{
"name": "864",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/864"
},
{
"name": "oval:org.mitre.oval:def:1990",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1990"
},
{
"name": "ADV-2006-1742",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"name": "MS06-018",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"name": "20000",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20000"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-1184",
"datePublished": "2006-05-09T23:00:00",
"dateReserved": "2006-03-13T00:00:00",
"dateUpdated": "2024-08-07T17:03:28.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0034 (GCVE-0-2006-0034)
Vulnerability from nvd – Published: 2006-05-09 23:00 – Updated: 2024-08-07 16:18
VLAI?
Summary
Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:18:20.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060510 Microsoft MSDTC NdrAllocate Validation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0269.html"
},
{
"name": "oval:org.mitre.oval:def:1222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1222"
},
{
"name": "oval:org.mitre.oval:def:1477",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1477"
},
{
"name": "20060511 Microsoft MSDTC NdrAllocate Validation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/433677/100/0/threaded"
},
{
"name": "17906",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17906"
},
{
"name": "1016047",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016047"
},
{
"name": "25335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25335"
},
{
"name": "20060509 [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html"
},
{
"name": "msdtc-network-message-dos(25559)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25559"
},
{
"name": "20060509 [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/433430/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.eeye.com/html/research/advisories/AD20060509a.html"
},
{
"name": "oval:org.mitre.oval:def:1908",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1908"
},
{
"name": "863",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/863"
},
{
"name": "ADV-2006-1742",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"name": "MS06-018",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"name": "20000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20000"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "20060510 Microsoft MSDTC NdrAllocate Validation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0269.html"
},
{
"name": "oval:org.mitre.oval:def:1222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1222"
},
{
"name": "oval:org.mitre.oval:def:1477",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1477"
},
{
"name": "20060511 Microsoft MSDTC NdrAllocate Validation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/433677/100/0/threaded"
},
{
"name": "17906",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17906"
},
{
"name": "1016047",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016047"
},
{
"name": "25335",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25335"
},
{
"name": "20060509 [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html"
},
{
"name": "msdtc-network-message-dos(25559)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25559"
},
{
"name": "20060509 [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/433430/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.eeye.com/html/research/advisories/AD20060509a.html"
},
{
"name": "oval:org.mitre.oval:def:1908",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1908"
},
{
"name": "863",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/863"
},
{
"name": "ADV-2006-1742",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"name": "MS06-018",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"name": "20000",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20000"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-0034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060510 Microsoft MSDTC NdrAllocate Validation Vulnerability",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0269.html"
},
{
"name": "oval:org.mitre.oval:def:1222",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1222"
},
{
"name": "oval:org.mitre.oval:def:1477",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1477"
},
{
"name": "20060511 Microsoft MSDTC NdrAllocate Validation Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433677/100/0/threaded"
},
{
"name": "17906",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17906"
},
{
"name": "1016047",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016047"
},
{
"name": "25335",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25335"
},
{
"name": "20060509 [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html"
},
{
"name": "msdtc-network-message-dos(25559)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25559"
},
{
"name": "20060509 [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433430/100/0/threaded"
},
{
"name": "http://www.eeye.com/html/research/advisories/AD20060509a.html",
"refsource": "MISC",
"url": "http://www.eeye.com/html/research/advisories/AD20060509a.html"
},
{
"name": "oval:org.mitre.oval:def:1908",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1908"
},
{
"name": "863",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/863"
},
{
"name": "ADV-2006-1742",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"name": "MS06-018",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"name": "20000",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20000"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2006-0034",
"datePublished": "2006-05-09T23:00:00",
"dateReserved": "2005-11-30T00:00:00",
"dateUpdated": "2024-08-07T16:18:20.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-1591 (GCVE-0-2006-1591)
Vulnerability from nvd – Published: 2006-04-03 10:00 – Updated: 2024-08-07 17:19
VLAI?
Summary
Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:19:48.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "win-winhlp32-hlp-bo(25573)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25573"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.open-security.org/advisories/15"
},
{
"name": "20060413 Windows Help Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/430871/100/0/threaded"
},
{
"name": "700",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/700"
},
{
"name": "20060331 Windows Help Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html"
},
{
"name": "17325",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17325"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "win-winhlp32-hlp-bo(25573)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25573"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.open-security.org/advisories/15"
},
{
"name": "20060413 Windows Help Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/430871/100/0/threaded"
},
{
"name": "700",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/700"
},
{
"name": "20060331 Windows Help Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html"
},
{
"name": "17325",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17325"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1591",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "win-winhlp32-hlp-bo(25573)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25573"
},
{
"name": "http://www.open-security.org/advisories/15",
"refsource": "MISC",
"url": "http://www.open-security.org/advisories/15"
},
{
"name": "20060413 Windows Help Heap Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/430871/100/0/threaded"
},
{
"name": "700",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/700"
},
{
"name": "20060331 Windows Help Heap Overflow",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html"
},
{
"name": "17325",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17325"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1591",
"datePublished": "2006-04-03T10:00:00",
"dateReserved": "2006-04-02T00:00:00",
"dateUpdated": "2024-08-07T17:19:48.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2008-5232
Vulnerability from fkie_nvd - Published: 2008-11-26 01:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.org/0808-exploits/wms-overflow.txt | Exploit, Third Party Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1020733 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securityfocus.com/bid/30814 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txt | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/44629 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.org/0808-exploits/wms-overflow.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1020733 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/30814 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txt | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/44629 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows_2000 | - | |
| microsoft | windows_nt | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "685F1981-EA61-4A00-89F8-A748A88962F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el m\u00e9todo CallHTMLHelp en el control ActiveX Microsoft Windows Media Services en nskey.dll 4.1.00.3917 en Windows Media Services en Microsoft Windows NT y 2000, y Avaya Media y Message Application servers, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un argumento largo. NOTA: el origen de esta informaci\u00f3n es desconocido; los detalles se han obtenido \u00fanicamente de informaci\u00f3n de terceros."
}
],
"id": "CVE-2008-5232",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-11-26T01:30:00.453",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://packetstormsecurity.org/0808-exploits/wms-overflow.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1020733"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30814"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://packetstormsecurity.org/0808-exploits/wms-overflow.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1020733"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/30814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/data/vulnerabilities/exploits/30814.html.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44629"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-6026
Vulnerability from fkie_nvd - Published: 2007-11-20 00:46 - Updated: 2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://dvlabs.tippingpoint.com/advisory/TPTI-08-04 | ||
| cve@mitre.org | http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058531.html | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=121129490723574&w=2 | ||
| cve@mitre.org | http://ruder.cdut.net/blogview.asp?logID=227 | ||
| cve@mitre.org | http://securityreason.com/securityalert/3376 | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/936529 | US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/483797/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/483858/100/100/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/483887/100/100/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/483888/100/100/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/492019/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/26468 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/28398 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1018976 | ||
| cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA08-134A.html | US Government Resource | |
| cve@mitre.org | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/38499 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5578 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://dvlabs.tippingpoint.com/advisory/TPTI-08-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058531.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=121129490723574&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://ruder.cdut.net/blogview.asp?logID=227 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/3376 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/936529 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/483797/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/483858/100/100/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/483887/100/100/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/483888/100/100/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/492019/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/26468 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/28398 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1018976 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA08-134A.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/38499 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5578 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | jet | 4.0.8618.0 | |
| microsoft | office | 2003 | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2003_server | * | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_xp | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:jet:4.0.8618.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2CDE7537-9B00-4699-81DD-46F4470F701B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944."
},
{
"lang": "es",
"value": "Un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria en Microsoft msjet40.dll versi\u00f3n 4.0.8618.0 (tambi\u00e9n se conoce como Microsoft Jet Engine), como es usado por Access 2003 en Microsoft Office 2003 SP3, permite a atacantes asistidos por el usuario ejecutar c\u00f3digo arbitrario por medio de un archivo de base de datos de archivos MDB que contiene una estructura de columnas con un conteo de columnas modificado. NOTA: este podr\u00eda ser el mismo problema que CVE-2005-0944."
}
],
"id": "CVE-2007-6026",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-11-20T00:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-04"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058531.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://ruder.cdut.net/blogview.asp?logID=227"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3376"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/936529"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/483797/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/483858/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/483887/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/483888/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/492019/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26468"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28398"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018976"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-134A.html"
},
{
"source": "cve@mitre.org",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38499"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058531.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=121129490723574\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ruder.cdut.net/blogview.asp?logID=227"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3376"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/936529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/483797/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/483858/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/483887/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/483888/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/492019/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018976"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA08-134A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38499"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5578"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-1973
Vulnerability from fkie_nvd - Published: 2007-04-11 23:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \Device\PhysicalMemory section handle, a related issue to CVE-2007-1206.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://osvdb.org/37635 | ||
| cve@mitre.org | http://research.eeye.com/html/advisories/published/AD20070410a.html | Vendor Advisory | |
| cve@mitre.org | http://securityreason.com/securityalert/2563 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/465232/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/37635 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://research.eeye.com/html/advisories/published/AD20070410a.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/2563 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/465232/100/0/threaded |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows_nt | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in the Virtual DOS Machine (VDM) in the Windows Kernel in Microsoft Windows NT 4.0 allows local users to modify memory and gain privileges via the temporary \\Device\\PhysicalMemory section handle, a related issue to CVE-2007-1206."
},
{
"lang": "es",
"value": "Condici\u00f3n de carrera en la Virtual DOS Machine (VDM) en el n\u00facleo de Windows en Microsoft Windows NT 4.0 permite a usuarios locales modificar la memoria y obtener privilegios mediante un manejador de secci\u00f3n \\Device\\PhysicalMemory temporal, un asunto relacionado con CVE-2007-1206."
}
],
"id": "CVE-2007-1973",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-11T23:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37635"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://research.eeye.com/html/advisories/published/AD20070410a.html"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2563"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/465232/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://research.eeye.com/html/advisories/published/AD20070410a.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/465232/100/0/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-1912
Vulnerability from fkie_nvd - Published: 2007-04-10 23:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/23382 | Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.securitytracker.com/id?1017901 | ||
| cve@mitre.org | https://www.exploit-db.com/exploits/3693 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/23382 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1017901 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/3693 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows_2000 | * | |
| microsoft | windows_2003_server | * | |
| microsoft | windows_nt | * | |
| microsoft | windows_xp | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Microsoft Windows allows user-assisted remote attackers to have an unknown impact via a crafted .HLP file."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en Microsoft Windows permite a atacantes remotos con la intervenci\u00f3n del usuario tiene un impacto desconocido a trav\u00e9s de archivos manipulados .HLP\r\n"
}
],
"id": "CVE-2007-1912",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-04-10T23:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/23382"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017901"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/3693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/23382"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/3693"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-2379
Vulnerability from fkie_nvd - Published: 2006-06-13 19:06 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.
References
| URL | Tags | ||
|---|---|---|---|
| secure@microsoft.com | http://secunia.com/advisories/20639 | Patch, Vendor Advisory | |
| secure@microsoft.com | http://securitytracker.com/id?1016290 | ||
| secure@microsoft.com | http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702 | ||
| secure@microsoft.com | http://www.kb.cert.org/vuls/id/722753 | Patch, US Government Resource | |
| secure@microsoft.com | http://www.osvdb.org/26433 | ||
| secure@microsoft.com | http://www.securityfocus.com/archive/1/438482/100/0/threaded | ||
| secure@microsoft.com | http://www.securityfocus.com/archive/1/438609/100/0/threaded | ||
| secure@microsoft.com | http://www.securityfocus.com/bid/18374 | Patch | |
| secure@microsoft.com | http://www.us-cert.gov/cas/techalerts/TA06-164A.html | US Government Resource | |
| secure@microsoft.com | http://www.vupen.com/english/advisories/2006/2329 | ||
| secure@microsoft.com | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-032 | ||
| secure@microsoft.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/26834 | ||
| secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1483 | ||
| secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1585 | ||
| secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1712 | ||
| secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1776 | ||
| secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1787 | ||
| secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2018 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20639 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016290 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/722753 | Patch, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/26433 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/438482/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/438609/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/18374 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA06-164A.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/2329 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-032 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/26834 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1483 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1585 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1712 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1776 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1787 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2018 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2003_server | datacenter_64-bit | |
| microsoft | windows_2003_server | enterprise | |
| microsoft | windows_2003_server | enterprise | |
| microsoft | windows_2003_server | enterprise_64-bit | |
| microsoft | windows_2003_server | enterprise_64-bit | |
| microsoft | windows_2003_server | r2 | |
| microsoft | windows_2003_server | r2 | |
| microsoft | windows_2003_server | r2 | |
| microsoft | windows_2003_server | standard | |
| microsoft | windows_2003_server | standard | |
| microsoft | windows_2003_server | standard_64-bit | |
| microsoft | windows_2003_server | web | |
| microsoft | windows_2003_server | web | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
"matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit:sp1:*:*:*:*:*:*",
"matchCriteriaId": "BE3DF901-734B-4956-9D22-FE4608A31DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "E69D0E21-8C62-403E-8097-2CA403CBBB1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1:*:*:*:*:*:*",
"matchCriteriaId": "A86C732B-6E92-46FB-B1E5-F0BA2F0D6D82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*",
"matchCriteriaId": "B127407D-AE50-4AFE-A780-D85B5AF44A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:sp1:*:*:*:*:*:*",
"matchCriteriaId": "986AE140-316D-4874-AEE2-3058A007D33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "5D42E51C-740A-4441-8BAF-D073111B984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*",
"matchCriteriaId": "34ACB544-87DD-4D9A-99F0-A10F48C1EE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C1BC59CF-BA8A-4D4C-92A5-CFDA7ECD685F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "74AD256D-4BCE-41FB-AD73-C5C63A59A06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:sp1:*:*:*:*:*:*",
"matchCriteriaId": "4B5F54BB-A80E-42F2-A700-82C1240E23D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard_64-bit:*:*:*:*:*:*:*",
"matchCriteriaId": "A3AC387D-BB23-4EB9-A7DA-6E3F5CD8EFD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*",
"matchCriteriaId": "B518E945-5FDE-4A37-878D-6946653C91F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:sp1:*:*:*:*:*:*",
"matchCriteriaId": "76BDFB16-D71F-4E33-83FD-F0F2AE2FAE7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "237D7C18-C8D6-4FDB-A160-FA17DD46A55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*",
"matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*",
"matchCriteriaId": "6E7E6AD3-5418-4FEA-84B5-833059CA880D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "35346A7B-2CB5-446D-B0C3-1F21D71A746D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "064F4E76-1B89-4FA5-97ED-64624285C014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*",
"matchCriteriaId": "089A953C-8446-4E6F-B506-430C38DF37B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*",
"matchCriteriaId": "EA262C44-C0E6-493A-B8E5-4D26E4013226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*",
"matchCriteriaId": "416F06DD-980E-4A54-822D-CBA499FD1F86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F66DC6FF-2B3D-4718-838F-9E055E89961F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*",
"matchCriteriaId": "656AE014-AEEC-46E8-A696-61FEA7932F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*",
"matchCriteriaId": "EB519FE0-9E7D-4E71-8873-356C9D7CEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*",
"matchCriteriaId": "A08D0EA1-DA1B-4C52-883A-3F156F032517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "DA267420-56C5-4697-B0AA-52932F78B24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*",
"matchCriteriaId": "93BA426E-DD51-44AC-BE78-3164670FF9E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*",
"matchCriteriaId": "224F8968-9F4C-4727-AAA3-61F5578EF54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*",
"matchCriteriaId": "02BE9817-E1AE-4619-8302-CA7AA4167F48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "363E3895-A19B-42EC-B479-765168DC0B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*",
"matchCriteriaId": "FBBBF25A-709B-4716-9894-AD82180091AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*",
"matchCriteriaId": "407DA6E8-0832-49FE-AE14-35C104C237EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*",
"matchCriteriaId": "88B70B7A-5BCC-4626-AAC7-D1ACFF25D66E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "81B7961D-151D-4773-80CB-CCD0456BFEAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*",
"matchCriteriaId": "82781A72-A34F-4668-9EE8-C203B04E3367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*",
"matchCriteriaId": "AFE612D2-DF38-404F-AED1-B8C9C24012DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*",
"matchCriteriaId": "12ED7363-6EEE-4688-A9B7-C5EB1107A7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "B5CAF64E-98AA-4813-A2A2-5AC3387CF230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*",
"matchCriteriaId": "BCDFDBBA-6C4F-472A-9F4F-461C424794E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*",
"matchCriteriaId": "BCC5E316-FB61-408B-BAA2-7FE03D581250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*",
"matchCriteriaId": "EDDD8DA8-D074-4543-AEDF-F856B5567F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "CA7BA525-6DB8-4444-934A-932AFED69816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*",
"matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*",
"matchCriteriaId": "2FECD4B0-23A0-4C0B-9888-D28A5941D848",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*",
"matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*",
"matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*",
"matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*",
"matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*",
"matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*",
"matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*",
"matchCriteriaId": "E43BBC5A-057F-4BE2-B4BB-6791DDB0B9C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*",
"matchCriteriaId": "7E439FA5-78BF-41B1-BAEC-C1C94CE86F2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*",
"matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing."
}
],
"id": "CVE-2006-2379",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-06-13T19:06:00.000",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20639"
},
{
"source": "secure@microsoft.com",
"url": "http://securitytracker.com/id?1016290"
},
{
"source": "secure@microsoft.com",
"url": "http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702"
},
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/722753"
},
{
"source": "secure@microsoft.com",
"url": "http://www.osvdb.org/26433"
},
{
"source": "secure@microsoft.com",
"url": "http://www.securityfocus.com/archive/1/438482/100/0/threaded"
},
{
"source": "secure@microsoft.com",
"url": "http://www.securityfocus.com/archive/1/438609/100/0/threaded"
},
{
"source": "secure@microsoft.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/18374"
},
{
"source": "secure@microsoft.com",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
},
{
"source": "secure@microsoft.com",
"url": "http://www.vupen.com/english/advisories/2006/2329"
},
{
"source": "secure@microsoft.com",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-032"
},
{
"source": "secure@microsoft.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26834"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1483"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1585"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1712"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1776"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1787"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gossamer-threads.com/lists/fulldisc/full-disclosure/46702"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/722753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/26433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/438482/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/438609/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/18374"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26834"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2018"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-0034
Vulnerability from fkie_nvd - Published: 2006-05-10 02:14 - Updated: 2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability.
References
| URL | Tags | ||
|---|---|---|---|
| secure@microsoft.com | http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html | ||
| secure@microsoft.com | http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0269.html | ||
| secure@microsoft.com | http://secunia.com/advisories/20000 | Patch, Vendor Advisory | |
| secure@microsoft.com | http://securityreason.com/securityalert/863 | ||
| secure@microsoft.com | http://securitytracker.com/id?1016047 | ||
| secure@microsoft.com | http://www.eeye.com/html/research/advisories/AD20060509a.html | Patch, Vendor Advisory | |
| secure@microsoft.com | http://www.osvdb.org/25335 | ||
| secure@microsoft.com | http://www.securityfocus.com/archive/1/433430/100/0/threaded | ||
| secure@microsoft.com | http://www.securityfocus.com/archive/1/433677/100/0/threaded | ||
| secure@microsoft.com | http://www.securityfocus.com/bid/17906 | Patch | |
| secure@microsoft.com | http://www.vupen.com/english/advisories/2006/1742 | Vendor Advisory | |
| secure@microsoft.com | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018 | ||
| secure@microsoft.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/25559 | ||
| secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1222 | ||
| secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1477 | ||
| secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1908 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0269.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20000 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/863 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016047 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.eeye.com/html/research/advisories/AD20060509a.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/25335 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/433430/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/433677/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/17906 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/1742 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/25559 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1222 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1477 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1908 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | distributed_transaction_coordinator | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2003_server | enterprise | |
| microsoft | windows_2003_server | enterprise_64-bit | |
| microsoft | windows_2003_server | r2 | |
| microsoft | windows_2003_server | r2 | |
| microsoft | windows_2003_server | standard | |
| microsoft | windows_2003_server | web | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:distributed_transaction_coordinator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17CE5AD3-C232-4C54-9A92-558D9E3DD708",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
"matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "E69D0E21-8C62-403E-8097-2CA403CBBB1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*",
"matchCriteriaId": "B127407D-AE50-4AFE-A780-D85B5AF44A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "5D42E51C-740A-4441-8BAF-D073111B984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*",
"matchCriteriaId": "34ACB544-87DD-4D9A-99F0-A10F48C1EE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "74AD256D-4BCE-41FB-AD73-C5C63A59A06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*",
"matchCriteriaId": "B518E945-5FDE-4A37-878D-6946653C91F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "237D7C18-C8D6-4FDB-A160-FA17DD46A55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*",
"matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*",
"matchCriteriaId": "6E7E6AD3-5418-4FEA-84B5-833059CA880D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "35346A7B-2CB5-446D-B0C3-1F21D71A746D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5BDCBCB8-DAA3-465F-ADDE-9143B8251989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "064F4E76-1B89-4FA5-97ED-64624285C014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*",
"matchCriteriaId": "089A953C-8446-4E6F-B506-430C38DF37B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*",
"matchCriteriaId": "EA262C44-C0E6-493A-B8E5-4D26E4013226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*",
"matchCriteriaId": "416F06DD-980E-4A54-822D-CBA499FD1F86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "B86E0671-ED68-4549-B3AC-FD8BD79B0860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F66DC6FF-2B3D-4718-838F-9E055E89961F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*",
"matchCriteriaId": "656AE014-AEEC-46E8-A696-61FEA7932F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*",
"matchCriteriaId": "EB519FE0-9E7D-4E71-8873-356C9D7CEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*",
"matchCriteriaId": "A08D0EA1-DA1B-4C52-883A-3F156F032517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "BB76E7EC-C396-4537-9065-4E815DA7097C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "DA267420-56C5-4697-B0AA-52932F78B24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*",
"matchCriteriaId": "93BA426E-DD51-44AC-BE78-3164670FF9E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*",
"matchCriteriaId": "224F8968-9F4C-4727-AAA3-61F5578EF54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*",
"matchCriteriaId": "02BE9817-E1AE-4619-8302-CA7AA4167F48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "4CD026E2-B073-40A6-AD4A-8C76B9169B01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "363E3895-A19B-42EC-B479-765168DC0B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*",
"matchCriteriaId": "FBBBF25A-709B-4716-9894-AD82180091AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*",
"matchCriteriaId": "407DA6E8-0832-49FE-AE14-35C104C237EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*",
"matchCriteriaId": "88B70B7A-5BCC-4626-AAC7-D1ACFF25D66E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:*:*:*:*",
"matchCriteriaId": "DBFB3E49-3FB5-4947-856D-727CBFFBA543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "81B7961D-151D-4773-80CB-CCD0456BFEAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*",
"matchCriteriaId": "82781A72-A34F-4668-9EE8-C203B04E3367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*",
"matchCriteriaId": "AFE612D2-DF38-404F-AED1-B8C9C24012DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*",
"matchCriteriaId": "12ED7363-6EEE-4688-A9B7-C5EB1107A7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "B9236480-6450-42E1-B1FF-F336488A683A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "B5CAF64E-98AA-4813-A2A2-5AC3387CF230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*",
"matchCriteriaId": "BCDFDBBA-6C4F-472A-9F4F-461C424794E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*",
"matchCriteriaId": "BCC5E316-FB61-408B-BAA2-7FE03D581250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*",
"matchCriteriaId": "EDDD8DA8-D074-4543-AEDF-F856B5567F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*",
"matchCriteriaId": "14F55877-A759-4C8A-84D5-70508E449799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "CA7BA525-6DB8-4444-934A-932AFED69816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*",
"matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*",
"matchCriteriaId": "2FECD4B0-23A0-4C0B-9888-D28A5941D848",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*",
"matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:embedded:*:*:*:*:*",
"matchCriteriaId": "B95B2BE4-B4E0-4B77-9999-53B9224F5CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*",
"matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*",
"matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*",
"matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*",
"matchCriteriaId": "B3BBBB2E-1699-4E1E-81BB-7A394DD6B31D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:embedded:*:*:*:*:*",
"matchCriteriaId": "ADEBB882-1C55-4B7B-B4CF-F1B23502FD90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*",
"matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*",
"matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*",
"matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability."
}
],
"id": "CVE-2006-0034",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-05-10T02:14:00.000",
"references": [
{
"source": "secure@microsoft.com",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html"
},
{
"source": "secure@microsoft.com",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0269.html"
},
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20000"
},
{
"source": "secure@microsoft.com",
"url": "http://securityreason.com/securityalert/863"
},
{
"source": "secure@microsoft.com",
"url": "http://securitytracker.com/id?1016047"
},
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.eeye.com/html/research/advisories/AD20060509a.html"
},
{
"source": "secure@microsoft.com",
"url": "http://www.osvdb.org/25335"
},
{
"source": "secure@microsoft.com",
"url": "http://www.securityfocus.com/archive/1/433430/100/0/threaded"
},
{
"source": "secure@microsoft.com",
"url": "http://www.securityfocus.com/archive/1/433677/100/0/threaded"
},
{
"source": "secure@microsoft.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17906"
},
{
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"source": "secure@microsoft.com",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"source": "secure@microsoft.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25559"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1222"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1477"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0238.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0269.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.eeye.com/html/research/advisories/AD20060509a.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/25335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/433430/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/433677/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17906"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25559"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1908"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-1184
Vulnerability from fkie_nvd - Published: 2006-05-10 02:14 - Updated: 2025-04-03 01:03
Severity ?
Summary
Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119.
References
| URL | Tags | ||
|---|---|---|---|
| secure@microsoft.com | http://secunia.com/advisories/20000 | Patch, Vendor Advisory | |
| secure@microsoft.com | http://securityreason.com/securityalert/864 | ||
| secure@microsoft.com | http://securitytracker.com/id?1016047 | ||
| secure@microsoft.com | http://www.eeye.com/html/research/advisories/AD20060509b.html | Patch, Vendor Advisory | |
| secure@microsoft.com | http://www.osvdb.org/25336 | ||
| secure@microsoft.com | http://www.securityfocus.com/archive/1/433425/100/0/threaded | ||
| secure@microsoft.com | http://www.securityfocus.com/bid/17905 | Patch | |
| secure@microsoft.com | http://www.vupen.com/english/advisories/2006/1742 | ||
| secure@microsoft.com | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018 | ||
| secure@microsoft.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/25558 | ||
| secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1295 | ||
| secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1779 | ||
| secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1912 | ||
| secure@microsoft.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1990 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20000 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/864 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016047 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.eeye.com/html/research/advisories/AD20060509b.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/25336 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/433425/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/17905 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/1742 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/25558 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1295 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1779 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1912 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1990 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | distributed_transaction_coordinator | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2003_server | enterprise | |
| microsoft | windows_2003_server | enterprise_64-bit | |
| microsoft | windows_2003_server | r2 | |
| microsoft | windows_2003_server | r2 | |
| microsoft | windows_2003_server | standard | |
| microsoft | windows_2003_server | web | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:distributed_transaction_coordinator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17CE5AD3-C232-4C54-9A92-558D9E3DD708",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
"matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "E69D0E21-8C62-403E-8097-2CA403CBBB1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*",
"matchCriteriaId": "B127407D-AE50-4AFE-A780-D85B5AF44A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "5D42E51C-740A-4441-8BAF-D073111B984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*",
"matchCriteriaId": "34ACB544-87DD-4D9A-99F0-A10F48C1EE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "74AD256D-4BCE-41FB-AD73-C5C63A59A06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*",
"matchCriteriaId": "B518E945-5FDE-4A37-878D-6946653C91F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "237D7C18-C8D6-4FDB-A160-FA17DD46A55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*",
"matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*",
"matchCriteriaId": "6E7E6AD3-5418-4FEA-84B5-833059CA880D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "35346A7B-2CB5-446D-B0C3-1F21D71A746D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5BDCBCB8-DAA3-465F-ADDE-9143B8251989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "064F4E76-1B89-4FA5-97ED-64624285C014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*",
"matchCriteriaId": "089A953C-8446-4E6F-B506-430C38DF37B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*",
"matchCriteriaId": "EA262C44-C0E6-493A-B8E5-4D26E4013226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*",
"matchCriteriaId": "416F06DD-980E-4A54-822D-CBA499FD1F86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "B86E0671-ED68-4549-B3AC-FD8BD79B0860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "F66DC6FF-2B3D-4718-838F-9E055E89961F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*",
"matchCriteriaId": "656AE014-AEEC-46E8-A696-61FEA7932F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*",
"matchCriteriaId": "EB519FE0-9E7D-4E71-8873-356C9D7CEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*",
"matchCriteriaId": "A08D0EA1-DA1B-4C52-883A-3F156F032517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "BB76E7EC-C396-4537-9065-4E815DA7097C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "DA267420-56C5-4697-B0AA-52932F78B24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*",
"matchCriteriaId": "93BA426E-DD51-44AC-BE78-3164670FF9E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*",
"matchCriteriaId": "224F8968-9F4C-4727-AAA3-61F5578EF54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*",
"matchCriteriaId": "02BE9817-E1AE-4619-8302-CA7AA4167F48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "4CD026E2-B073-40A6-AD4A-8C76B9169B01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "363E3895-A19B-42EC-B479-765168DC0B17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*",
"matchCriteriaId": "FBBBF25A-709B-4716-9894-AD82180091AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*",
"matchCriteriaId": "407DA6E8-0832-49FE-AE14-35C104C237EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*",
"matchCriteriaId": "88B70B7A-5BCC-4626-AAC7-D1ACFF25D66E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:*:*:*:*",
"matchCriteriaId": "DBFB3E49-3FB5-4947-856D-727CBFFBA543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "81B7961D-151D-4773-80CB-CCD0456BFEAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*",
"matchCriteriaId": "82781A72-A34F-4668-9EE8-C203B04E3367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*",
"matchCriteriaId": "AFE612D2-DF38-404F-AED1-B8C9C24012DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*",
"matchCriteriaId": "12ED7363-6EEE-4688-A9B7-C5EB1107A7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "B9236480-6450-42E1-B1FF-F336488A683A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "B5CAF64E-98AA-4813-A2A2-5AC3387CF230",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*",
"matchCriteriaId": "BCDFDBBA-6C4F-472A-9F4F-461C424794E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*",
"matchCriteriaId": "BCC5E316-FB61-408B-BAA2-7FE03D581250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*",
"matchCriteriaId": "EDDD8DA8-D074-4543-AEDF-F856B5567F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*",
"matchCriteriaId": "14F55877-A759-4C8A-84D5-70508E449799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*",
"matchCriteriaId": "CA7BA525-6DB8-4444-934A-932AFED69816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*",
"matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*",
"matchCriteriaId": "2FECD4B0-23A0-4C0B-9888-D28A5941D848",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*",
"matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:embedded:*:*:*:*:*",
"matchCriteriaId": "B95B2BE4-B4E0-4B77-9999-53B9224F5CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*",
"matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*",
"matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*",
"matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*",
"matchCriteriaId": "B3BBBB2E-1699-4E1E-81BB-7A394DD6B31D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:embedded:*:*:*:*:*",
"matchCriteriaId": "ADEBB882-1C55-4B7B-B4CF-F1B23502FD90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*",
"matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*",
"matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*",
"matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119."
}
],
"id": "CVE-2006-1184",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-05-10T02:14:00.000",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20000"
},
{
"source": "secure@microsoft.com",
"url": "http://securityreason.com/securityalert/864"
},
{
"source": "secure@microsoft.com",
"url": "http://securitytracker.com/id?1016047"
},
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.eeye.com/html/research/advisories/AD20060509b.html"
},
{
"source": "secure@microsoft.com",
"url": "http://www.osvdb.org/25336"
},
{
"source": "secure@microsoft.com",
"url": "http://www.securityfocus.com/archive/1/433425/100/0/threaded"
},
{
"source": "secure@microsoft.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17905"
},
{
"source": "secure@microsoft.com",
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"source": "secure@microsoft.com",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"source": "secure@microsoft.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25558"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1295"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1779"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1912"
},
{
"source": "secure@microsoft.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.eeye.com/html/research/advisories/AD20060509b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/25336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/433425/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/17905"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1990"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-1591
Vulnerability from fkie_nvd - Published: 2006-04-03 10:04 - Updated: 2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html | Exploit | |
| cve@mitre.org | http://securityreason.com/securityalert/700 | ||
| cve@mitre.org | http://www.open-security.org/advisories/15 | Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/430871/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/17325 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/25573 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/700 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.open-security.org/advisories/15 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/430871/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/17325 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/25573 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2000 | * | |
| microsoft | windows_2003_server | enterprise | |
| microsoft | windows_2003_server | enterprise | |
| microsoft | windows_2003_server | r2 | |
| microsoft | windows_2003_server | r2 | |
| microsoft | windows_2003_server | standard | |
| microsoft | windows_2003_server | standard | |
| microsoft | windows_2003_server | web | |
| microsoft | windows_2003_server | web | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_nt | 4.0 | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * | |
| microsoft | windows_xp | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
"matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "E69D0E21-8C62-403E-8097-2CA403CBBB1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1:*:*:*:*:*:*",
"matchCriteriaId": "A86C732B-6E92-46FB-B1E5-F0BA2F0D6D82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "5D42E51C-740A-4441-8BAF-D073111B984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C1BC59CF-BA8A-4D4C-92A5-CFDA7ECD685F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*",
"matchCriteriaId": "74AD256D-4BCE-41FB-AD73-C5C63A59A06D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:sp1:*:*:*:*:*:*",
"matchCriteriaId": "4B5F54BB-A80E-42F2-A700-82C1240E23D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*",
"matchCriteriaId": "B518E945-5FDE-4A37-878D-6946653C91F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:sp1:*:*:*:*:*:*",
"matchCriteriaId": "76BDFB16-D71F-4E33-83FD-F0F2AE2FAE7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*",
"matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*",
"matchCriteriaId": "6E7E6AD3-5418-4FEA-84B5-833059CA880D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*",
"matchCriteriaId": "35346A7B-2CB5-446D-B0C3-1F21D71A746D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise:*:*:*:*:*",
"matchCriteriaId": "BBD9C514-5AF7-4849-A535-F0F3C9339051",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*",
"matchCriteriaId": "089A953C-8446-4E6F-B506-430C38DF37B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*",
"matchCriteriaId": "EA262C44-C0E6-493A-B8E5-4D26E4013226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*",
"matchCriteriaId": "416F06DD-980E-4A54-822D-CBA499FD1F86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise:*:*:*:*:*",
"matchCriteriaId": "B1CDE116-BFE5-47F9-8EA4-F6510A17CCFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*",
"matchCriteriaId": "656AE014-AEEC-46E8-A696-61FEA7932F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*",
"matchCriteriaId": "EB519FE0-9E7D-4E71-8873-356C9D7CEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*",
"matchCriteriaId": "A08D0EA1-DA1B-4C52-883A-3F156F032517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise:*:*:*:*:*",
"matchCriteriaId": "56094D8B-1049-475F-B6B8-BB9DA143DA95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*",
"matchCriteriaId": "93BA426E-DD51-44AC-BE78-3164670FF9E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*",
"matchCriteriaId": "224F8968-9F4C-4727-AAA3-61F5578EF54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*",
"matchCriteriaId": "02BE9817-E1AE-4619-8302-CA7AA4167F48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise:*:*:*:*:*",
"matchCriteriaId": "26557DD5-C8A2-4AE3-B135-23F8B5F11DF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*",
"matchCriteriaId": "FBBBF25A-709B-4716-9894-AD82180091AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*",
"matchCriteriaId": "407DA6E8-0832-49FE-AE14-35C104C237EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*",
"matchCriteriaId": "88B70B7A-5BCC-4626-AAC7-D1ACFF25D66E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise:*:*:*:*:*",
"matchCriteriaId": "306FC85F-9947-4721-B823-60733FA9E317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*",
"matchCriteriaId": "82781A72-A34F-4668-9EE8-C203B04E3367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*",
"matchCriteriaId": "AFE612D2-DF38-404F-AED1-B8C9C24012DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*",
"matchCriteriaId": "12ED7363-6EEE-4688-A9B7-C5EB1107A7B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise:*:*:*:*:*",
"matchCriteriaId": "DCC020E3-EA09-4E40-B607-8F0602B255BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*",
"matchCriteriaId": "BCDFDBBA-6C4F-472A-9F4F-461C424794E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*",
"matchCriteriaId": "BCC5E316-FB61-408B-BAA2-7FE03D581250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*",
"matchCriteriaId": "EDDD8DA8-D074-4543-AEDF-F856B5567F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise:*:*:*:*:*",
"matchCriteriaId": "D113B353-03B6-4821-9F83-25D88423C229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*",
"matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*",
"matchCriteriaId": "2FECD4B0-23A0-4C0B-9888-D28A5941D848",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*",
"matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*",
"matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*",
"matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*",
"matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*",
"matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*",
"matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*",
"matchCriteriaId": "E43BBC5A-057F-4BE2-B4BB-6791DDB0B9C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*",
"matchCriteriaId": "7E439FA5-78BF-41B1-BAEC-C1C94CE86F2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*",
"matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Microsoft Windows Help winhlp32.exe allows user-assisted attackers to execute arbitrary code via crafted embedded image data in a .hlp file."
},
{
"lang": "es",
"value": "desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) en Microsoft Windows Help winhlp32.exe permite a los atacantes asistidos por el usuario ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos de imagen incrustados creados en un archivo .hlp."
}
],
"id": "CVE-2006-1591",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-04-03T10:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/700"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.open-security.org/advisories/15"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/430871/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/17325"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044748.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.open-security.org/advisories/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/430871/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/17325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25573"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}