CVE-2006-3439

Severity

99%

Complexity

99%

Confidentiality

165%

Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.

Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

Microsoft windows

First reported 18 years ago

2006-08-09 01:04:00

Last updated 6 years ago

2018-10-12 21:40:00

Affected Software

Microsoft windows xp_sp1 tablet_pc

Microsoft windows xp_sp2 tablet_pc

References

21388

Patch, Vendor Advisory

1016667

20060814 Mitigating Exploitation of the MS06-040 Service Buffer Vulnerability

http://www.dhs.gov/dhspublic/display?content=5789

VU#650769

Patch, US Government Resource

19409

TA06-220A

Patch, US Government Resource

ADV-2006-3210

MS06-040

ms-server-service-bo(28002)

oval:org.mitre.oval:def:492

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.