5.4

CVE-2006-3351

Exploit

EPSS 25.5%
Published 06.07.2006 01:05:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Buffer overflow in Windows Explorer (explorer.exe) on Windows XP and 2003 allows user-assisted attackers to cause a denial of service (repeated crash) and possibly execute arbitrary code via a .url file with an InternetShortcut tag containing a long URL and a large number of "file:" specifiers.

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2003 Server Version3.1.0.3270

Microsoft ≫ Windows 2003 Server Version64-bit

Microsoft ≫ Windows 2003 Server Versiondatacenter_64-bit Updatesp1

Microsoft ≫ Windows 2003 Server Versiondatacenter_64-bit Updatesp1_beta_1

Microsoft ≫ Windows 2003 Server Versiondatacenter_edition

Microsoft ≫ Windows 2003 Server Versiondatacenter_edition Updatesp1

Microsoft ≫ Windows 2003 Server Versiondatacenter_edition Updatesp1_beta_1

Microsoft ≫ Windows 2003 Server Versiondatacenter_edition_64-bit

Microsoft ≫ Windows 2003 Server Versiondatacenter_edition_64-bit Updatesp1

Microsoft ≫ Windows 2003 Server Versiondatacenter_edition_64-bit Updatesp1_beta_1

Microsoft ≫ Windows 2003 Server Versionenterprise Edition64-bit

Microsoft ≫ Windows 2003 Server Versionenterprise Updatesp1

Microsoft ≫ Windows 2003 Server Versionenterprise Updatesp1_beta_1

Microsoft ≫ Windows 2003 Server Versionenterprise_64-bit

Microsoft ≫ Windows 2003 Server Versionenterprise_64-bit Updatesp1

Microsoft ≫ Windows 2003 Server Versionenterprise_64-bit Updatesp1_beta_1

Microsoft ≫ Windows 2003 Server Versionenterprise_edition Updatesp1

Microsoft ≫ Windows 2003 Server Versionenterprise_edition Updatesp1_beta_1

Microsoft ≫ Windows 2003 Server Versionenterprise_edition_64-bit

Microsoft ≫ Windows 2003 Server Versionenterprise_edition_64-bit Updatesp1

Microsoft ≫ Windows 2003 Server Versionenterprise_edition_64-bit Updatesp1_beta_1

Microsoft ≫ Windows 2003 Server Versionitanium

Microsoft ≫ Windows 2003 Server Versionr2

Microsoft ≫ Windows 2003 Server Versionr2 Edition64-bit

Microsoft ≫ Windows 2003 Server Versionr2 Editiondatacenter_64-bit

Microsoft ≫ Windows 2003 Server Versionr2 Updatesp1

Microsoft ≫ Windows 2003 Server Versionr2 Updatesp1_beta_1

Microsoft ≫ Windows 2003 Server Versionsp1

Microsoft ≫ Windows 2003 Server Versionsp1 Editionenterprise

Microsoft ≫ Windows 2003 Server Versionsp1 Editionitanium

Microsoft ≫ Windows 2003 Server Versionstandard

Microsoft ≫ Windows 2003 Server Versionstandard Edition64-bit

Microsoft ≫ Windows 2003 Server Versionstandard Updatesp1

Microsoft ≫ Windows 2003 Server Versionstandard Updatesp1_beta_1

Microsoft ≫ Windows 2003 Server Versionstandard_64-bit

Microsoft ≫ Windows 2003 Server Versionweb

Microsoft ≫ Windows 2003 Server Versionweb Updatesp1

Microsoft ≫ Windows 2003 Server Versionweb Updatesp1_beta_1

Microsoft ≫ Windows Xp Edition64-bit

Microsoft ≫ Windows Xp Editionembedded

Microsoft ≫ Windows Xp Editionhome

Microsoft ≫ Windows Xp Editionmedia_center

Microsoft ≫ Windows Xp Updategold

Microsoft ≫ Windows Xp Updategold Editionhome

Microsoft ≫ Windows Xp Updategold Editionprofessional

Microsoft ≫ Windows Xp Updatesp1 Edition64-bit

Microsoft ≫ Windows Xp Updatesp1 Editionembedded

Microsoft ≫ Windows Xp Updatesp1 Editionhome

Microsoft ≫ Windows Xp Updatesp1 Editionmedia_center

Microsoft ≫ Windows Xp Updatesp1 Editiontablet_pc

Microsoft ≫ Windows Xp Updatesp2 Editionhome

Microsoft ≫ Windows Xp Updatesp2 Editionmedia_center

Microsoft ≫ Windows Xp Updatesp2 Editiontablet_pc

Microsoft ≫ Windows Xp Versionibm_oem_version

Microsoft ≫ Windows Xp Versionibm_oem_version Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	25.5%	0.957

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.4	4.9	6.9	AV:N/AC:H/Au:N/C:N/I:N/A:C

http://securityreason.com/securityalert/1186

http://www.securityfocus.com/archive/1/439153/100/0/threaded

http://www.securityfocus.com/archive/1/439660/100/200/threaded

http://www.securityfocus.com/bid/18838

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/27567

https://nvd.nist.gov/vuln/detail/CVE-2006-3351

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3351

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3351

EUVD