10

CVE-2006-2373

EPSS 27.66%
Published 13.06.2006 19:06:00
Last modified 03.04.2025 01:03:51
Source secure@microsoft.com
Teams watchlist Login
Open Login

The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address, possibly for kernel memory, aka the "SMB Driver Elevation of Privilege Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 17

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Version- Updatesp4

Microsoft ≫ Windows Server 2003 Version- Update-

Microsoft ≫ Windows Server 2003 Version- Updatesp1 HwPlatformitanium

Microsoft ≫ Windows Server 2003 Version- Updatesp1 HwPlatformx86

Microsoft ≫ Windows Xp Version- Update- SwEditionprofessional HwPlatformx64

Microsoft ≫ Windows Xp Version- Updatesp1

Microsoft ≫ Windows Xp Version- Updatesp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	27.66%	0.963

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://secunia.com/advisories/20635

Third Party Advisory

http://securitytracker.com/id?1016288

Third Party Advisory

VDB Entry

http://www.idefense.com/intelligence/vulnerabilities/display.php?id=408

Third Party Advisory

http://www.osvdb.org/26440

Broken Link

http://www.securityfocus.com/bid/18356

Patch

Third Party Advisory

VDB Entry

http://www.vupen.com/english/advisories/2006/2327

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-030

Patch

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/26828

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1137

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1730

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1792

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1904

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1942

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2007

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2006-2373

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-2373

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-2373

EUVD