Lucene search

[email protected]CVE-2006-5586

HistoryApr 04, 2007 - 4:19 p.m.

CVE-2006-5586

2007-04-0416:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

microsoft windows

graphics rendering engine

privilege escalation

cve-2006-5586

nvd

6.6 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.5%

JSON

The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via “invalid application window sizes” in layered application windows, aka the “GDI Invalid Window Size Elevation of Privilege Vulnerability.”

CPENameOperatorVersion
microsoft:windows_xpmicrosoft windows xpeq*
microsoft:windows_2000microsoft windows 2000eq*

CPE	Name	Operator	Version
microsoft:windows_xp	microsoft windows xp	eq	*
microsoft:windows_2000	microsoft windows 2000	eq	*

References

www.securityfocus.com/archive/1/466186/100/200/threaded

www.securityfocus.com/bid/23277

www.securitytracker.com/id?1017846

www.vupen.com/english/advisories/2007/1215

docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1385

6.6 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.5%

JSON

Related for CVE-2006-5586

openvas2 securityvulns2 nessus1