Lucene search

[email protected]NVD:CVE-2006-3445

HistoryNov 14, 2006 - 9:07 p.m.

CVE-2006-3445

2006-11-1421:07:00

CWE-189

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.482 Medium

EPSS

Percentile

97.5%

JSON

Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a large length value in an .ACF file, which results in a heap-based buffer overflow.

Affected configurations

NVD

Node

microsoftwindows_2000sp4fr

microsoftwindows_2003_serverMatch64-bit

microsoftwindows_2003_serverMatchitanium

microsoftwindows_2003_serverMatchr2

microsoftwindows_2003_serverMatchsp1

microsoftwindows_2003_serverMatchsp1itanium

microsoftwindows_xp64-bit

microsoftwindows_xpsp2tablet_pc

References

secunia.com/advisories/22878

securitytracker.com/id?1017222

www.coseinc.com/alert.html

www.kb.cert.org/vuls/id/810772

www.securityfocus.com/archive/1/458558/100/0/threaded

www.securityfocus.com/bid/21034

www.us-cert.gov/cas/techalerts/TA06-318A.html

www.vupen.com/english/advisories/2006/4506

docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-068

exchange.xforce.ibmcloud.com/vulnerabilities/29945

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A154

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.482 Medium

EPSS

Percentile

97.5%

JSON

Related for NVD:CVE-2006-3445

checkpoint_advisories2 securityvulns2 cve1 cvelist1 cert1 nessus1