Vulnerability Details CVE-2006-1476
Windows Firewall in Microsoft Windows XP SP2 produces incorrect application block alerts when the application filename is ".exe" (with no characters before the "."), which might allow local user-assisted users to trick a user into unblocking a Trojan horse program, as demonstrated by a malicious ".exe" program in a folder named "Internet Explorer," which triggers a question about whether to unblock the "Internet Explorer" program.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.172
EPSS Ranking 94.5%
CVSS Severity
CVSS v2 Score 2.6
References
- http://www.securityfocus.com/archive/1/428970/100/0/threaded
- http://www.securityfocus.com/archive/1/429111/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25598
- http://www.securityfocus.com/archive/1/428970/100/0/threaded
- http://www.securityfocus.com/archive/1/429111/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25598
Products affected by CVE-2006-1476
-
cpe:2.3:o:microsoft:windows_xp:-