CVE-2006-4696

EPSS 70.94%
Veröffentlicht 10.10.2006 22:07:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secure@microsoft.com
CVE-Watchlists
Login
Unerledigt
Login

Unspecified vulnerability in the Server service in Microsoft Windows 2000 SP4, Server 2003 SP1 and earlier, and XP SP2 and earlier allows remote attackers to execute arbitrary code via a crafted packet, aka "SMB Rename Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Updatesp4 Langfr

Microsoft ≫ Windows 2003 Server Versionr2

Microsoft ≫ Windows 2003 Server Versionsp1

Microsoft ≫ Windows Xp Updategold

Microsoft ≫ Windows Xp Updatesp1 Editiontablet_pc

Microsoft ≫ Windows Xp Updatesp2 Editiontablet_pc

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	70.94%	0.986

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

http://www.securityfocus.com/archive/1/449179/100/0/threaded

http://securitytracker.com/id?1017035

Patch

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-063

http://www.kb.cert.org/vuls/id/820628

US Government Resource

http://www.securityfocus.com/bid/20373

http://www.vupen.com/english/advisories/2006/3982

https://exchange.xforce.ibmcloud.com/vulnerabilities/29373

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8

https://nvd.nist.gov/vuln/detail/CVE-2006-4696

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-4696

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-4696

EUVD