[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-1314Date: (C)2006-07-11   (M)2023-12-22


Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SREASON-1212
BID-18863
http://www.securityfocus.com/archive/1/439773/100/0/threaded
SECUNIA-21007
OSVDB-27154
ADV-2006-2753
MS06-035
TA06-192A
VU#189140
http://www.tippingpoint.com/security/advisories/TSRT-06-02.html
oval:org.mitre.oval:def:600
win-mailslot-bo(26818)

CPE    2
cpe:/o:microsoft:windows_xp::sp1:tablet_pc
cpe:/o:microsoft:windows_xp::sp2:tablet_pc
OVAL    1
oval:org.mitre.oval:def:600

© SecPod Technologies