Detections
Analytics

CVE-2006-3439

critical

Description

Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A492

https://exchange.xforce.ibmcloud.com/vulnerabilities/28002

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-040

http://www.vupen.com/english/advisories/2006/3210

http://www.us-cert.gov/cas/techalerts/TA06-220A.html

http://www.securityfocus.com/bid/19409

http://www.kb.cert.org/vuls/id/650769

http://www.dhs.gov/dhspublic/display?content=5789

http://www.cisco.com/en/US/products/ps6120/tsd_products_security_response09186a008070c75a.html

http://securitytracker.com/id?1016667

http://secunia.com/advisories/21388

Details

Source: Mitre, NVD

Published: 2006-08-09

Updated: 2018-10-12

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical