Vulnerability Details CVE-2006-3439
Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.875
EPSS Ranking 99.4%
CVSS Severity
CVSS v2 Score 10.0
References
- http://secunia.com/advisories/21388
- http://securitytracker.com/id?1016667
- http://www.cisco.com/en/US/products/ps6120/tsd_products_security_response09186a008070c75a.html
- http://www.dhs.gov/dhspublic/display?content=5789
- http://www.kb.cert.org/vuls/id/650769
- http://www.securityfocus.com/bid/19409
- http://www.us-cert.gov/cas/techalerts/TA06-220A.html
- http://www.vupen.com/english/advisories/2006/3210
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-040
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28002
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A492
- http://secunia.com/advisories/21388
- http://securitytracker.com/id?1016667
- http://www.cisco.com/en/US/products/ps6120/tsd_products_security_response09186a008070c75a.html
- http://www.dhs.gov/dhspublic/display?content=5789
- http://www.kb.cert.org/vuls/id/650769
- http://www.securityfocus.com/bid/19409
- http://www.us-cert.gov/cas/techalerts/TA06-220A.html
- http://www.vupen.com/english/advisories/2006/3210
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-040
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28002
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A492
Products affected by CVE-2006-3439
-
cpe:2.3:o:microsoft:windows_2000:-
-
cpe:2.3:o:microsoft:windows_2003_server:64-bit
-
cpe:2.3:o:microsoft:windows_2003_server:itanium
-
cpe:2.3:o:microsoft:windows_2003_server:r2
-
cpe:2.3:o:microsoft:windows_2003_server:sp1
-
cpe:2.3:o:microsoft:windows_xp:*
-
cpe:2.3:o:microsoft:windows_xp:-