7.5
CVE-2006-3445
- EPSS 40.14%
- Veröffentlicht 14.11.2006 21:07:00
- Zuletzt bearbeitet 16.06.2026 22:27:04
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a large length value in an .ACF file, which results in a heap-based buffer overflow.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Windows 2000 Updatesp4 Langfr
Microsoft ≫ Windows 2003 Server Version64-bit
Microsoft ≫ Windows 2003 Server Versionitanium
Microsoft ≫ Windows 2003 Server Versionr2
Microsoft ≫ Windows 2003 Server Versionsp1
Microsoft ≫ Windows 2003 Server Versionsp1 Editionitanium
Microsoft ≫ Windows Xp Edition64-bit
Microsoft ≫ Windows Xp Updatesp2 Editiontablet_pc
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 40.14% | 0.985 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.us-cert.gov/cas/techalerts/TA06-318A.html
http://secunia.com/advisories/22878
http://securitytracker.com/id?1017222
http://www.coseinc.com/alert.html
http://www.kb.cert.org/vuls/id/810772
http://www.securityfocus.com/archive/1/458558/100/0/threaded
http://www.securityfocus.com/bid/21034
http://www.vupen.com/english/advisories/2006/4506
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-068
https://exchange.xforce.ibmcloud.com/vulnerabilities/29945
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A154