6.1

CVE-2006-6296

Exploit

EPSS 26.76%
Published 05.12.2006 11:28:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via an RPC request that specifies a large 'offered' value (output buffer size), a variant of CVE-2005-3644.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000 Updatesp4

Microsoft ≫ Windows 2000 Updatesp4 Langfr

Microsoft ≫ Windows Xp Updatesp1 Editiontablet_pc

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	26.76%	0.962

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.1	6.5	6.9	AV:A/AC:L/Au:N/C:N/I:N/A:C

http://research.eeye.com/html/alerts/zeroday/20051116.html

http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2005/20051116

http://secunia.com/advisories/23196

Vendor Advisory

http://securitytracker.com/id?1017330

http://www.kb.cert.org/vuls/id/914617

US Government Resource

http://www.securityfocus.com/bid/21401

Vendor Advisory

Exploit

http://www.vupen.com/english/advisories/2006/4827

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/30717

https://www.exploit-db.com/exploits/2879

https://nvd.nist.gov/vuln/detail/CVE-2006-6296

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-6296

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-6296

EUVD