7.2

CVE-2006-5586

EPSS 1.3%
Published 04.04.2007 16:19:00
Last modified 09.04.2025 00:30:58
Source secure@microsoft.com
Teams watchlist Login
Open Login

The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via "invalid application window sizes" in layered application windows, aka the "GDI Invalid Window Size Elevation of Privilege Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Updatesp4

Microsoft ≫ Windows Xp Updategold Editionprofessional_x64

Microsoft ≫ Windows Xp Updatesp2

Microsoft ≫ Windows Xp Updatesp2 Editionprofessional_x64

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.3%	0.791

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://www.securityfocus.com/archive/1/466186/100/200/threaded

http://www.vupen.com/english/advisories/2007/1215

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-017

http://www.securityfocus.com/bid/23277

http://www.securitytracker.com/id?1017846

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1385

https://nvd.nist.gov/vuln/detail/CVE-2006-5586

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-5586

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-5586

EUVD