[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2006-3445

Date: (C)2006-11-14   (M)2017-10-12
 
CVSS Score: 7.5Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a large length value in an .ACF file, which results in a heap-based buffer overflow.

Reference:
SECTRACK-1017222
http://www.securityfocus.com/archive/1/archive/1/458558/100/0/threaded
BID-21034
SECUNIA-22878
ADV-2006-4506
MS06-068
TA06-318A
VU#810772
http://www.coseinc.com/alert.html
ms-agent-acf-bo(29945)

CPE    1
cpe:/o:microsoft:windows_xp::sp2:tablet_pc
CWE    1
CWE-189
OVAL    1
oval:org.mitre.oval:def:154

© 2013 SecPod Technologies