6.8

CVE-2006-2378

EPSS 62.39%
Published 13.06.2006 19:06:00
Last modified 03.04.2025 01:03:51
Source secure@microsoft.com
Teams watchlist Login
Open Login

Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption.

Affected products Warnungen 0 Metrics 2 CWE 0 References 18

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Ie Version6.0 Updatesp1

Microsoft ≫ Internet Explorer Version5.0.1

Microsoft ≫ Internet Explorer Version5.0.1 Updatesp1

Microsoft ≫ Internet Explorer Version5.0.1 Updatesp2

Microsoft ≫ Internet Explorer Version5.0.1 Updatesp3

Microsoft ≫ Internet Explorer Version5.0.1 Updatesp4

Microsoft ≫ Internet Explorer Version6.0

Microsoft ≫ Windows 2003 Server Versiondatacenter_edition

Microsoft ≫ Windows 2003 Server Versiondatacenter_edition Updatesp1

Microsoft ≫ Windows 2003 Server Versiondatacenter_edition_64-bit

Microsoft ≫ Windows 2003 Server Versiondatacenter_edition_64-bit Updatesp1

Microsoft ≫ Windows 2003 Server Versionenterprise_64-bit

Microsoft ≫ Windows 2003 Server Versionenterprise_edition Updatesp1

Microsoft ≫ Windows 2003 Server Versionenterprise_edition_64-bit

Microsoft ≫ Windows 2003 Server Versionenterprise_edition_64-bit Updatesp1

Microsoft ≫ Windows 2003 Server Versionr2 Editiondatacenter_64-bit

Microsoft ≫ Windows 2003 Server Versionsp1 Editionenterprise

Microsoft ≫ Windows 2003 Server Versionstandard

Microsoft ≫ Windows 2003 Server Versionstandard Updatesp1

Microsoft ≫ Windows 2003 Server Versionstandard_64-bit

Microsoft ≫ Windows 2003 Server Versionweb

Microsoft ≫ Windows 2003 Server Versionweb Updatesp1

Microsoft ≫ Windows Xp Edition64-bit

Microsoft ≫ Windows Xp Editionhome

Microsoft ≫ Windows Xp Editionmedia_center

Microsoft ≫ Windows Xp Updategold Editionprofessional

Microsoft ≫ Windows Xp Updatesp1 Edition64-bit

Microsoft ≫ Windows Xp Updatesp1 Editionhome

Microsoft ≫ Windows Xp Updatesp1 Editionmedia_center

Microsoft ≫ Windows Xp Updatesp2 Editionhome

Microsoft ≫ Windows Xp Updatesp2 Editionmedia_center

Microsoft ≫ Windows Xp Updatesp2 Editiontablet_pc

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	62.39%	0.983

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://www.us-cert.gov/cas/techalerts/TA06-164A.html

US Government Resource

http://secunia.com/advisories/20605

Vendor Advisory

http://securitytracker.com/id?1016292

http://www.idefense.com/intelligence/vulnerabilities/display.php?id=407

http://www.kb.cert.org/vuls/id/923236

Patch

US Government Resource

http://www.osvdb.org/26432

http://www.securityfocus.com/bid/18394

Patch

http://www.vupen.com/english/advisories/2006/2320

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-022

https://exchange.xforce.ibmcloud.com/vulnerabilities/26809

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1590

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1640

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1668

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1756

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1866

https://nvd.nist.gov/vuln/detail/CVE-2006-2378

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-2378

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-2378

EUVD