6.9
CVE-2006-6696
- EPSS 7.48%
- Published 22.12.2006 02:28:00
- Last modified 09.04.2025 00:30:58
- Source cve@mitre.org
Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MB_SERVICE_NOTIFICATION message with crafted data, which sends a HardError message to Client/Server Runtime Server Subsystem (CSRSS) process, which is not properly handled when invoking the UserHardError and GetHardErrorText functions in WINSRV.DLL.
Data is provided by the National Vulnerability Database (NVD)
Microsoft ≫ Windows 2000 Update sp1
Microsoft ≫ Windows 2000 Update sp2
Microsoft ≫ Windows 2000 Update sp3
Microsoft ≫ Windows 2000 Update sp4
Microsoft ≫ Windows 2003 Server Version datacenter_edition
Microsoft ≫ Windows 2003 Server Version datacenter_edition Update sp1
Microsoft ≫ Windows 2003 Server Version datacenter_edition Update sp1_beta_1
Microsoft ≫ Windows 2003 Server Version enterprise_edition Update sp1
Microsoft ≫ Windows 2003 Server Version enterprise_edition Update sp1_beta_1
Microsoft ≫ Windows 2003 Server Version sp1 Edition enterprise
Microsoft ≫ Windows 2003 Server Version standard
Microsoft ≫ Windows 2003 Server Version standard Update sp1
Microsoft ≫ Windows 2003 Server Version standard Update sp1_beta_1
Microsoft ≫ Windows 2003 Server Version web
Microsoft ≫ Windows 2003 Server Version web Update sp1
Microsoft ≫ Windows 2003 Server Version web Update sp1_beta_1
Microsoft ≫ Windows Vista Edition december_ctp
Microsoft ≫ Windows Vista Update beta
Microsoft ≫ Windows Vista Update beta1
Microsoft ≫ Windows Vista Update beta2
Microsoft ≫ Windows Xp Edition home
Microsoft ≫ Windows Xp Edition media_center
Microsoft ≫ Windows Xp Update gold Edition professional
Microsoft ≫ Windows Xp Update sp1 Edition home
Microsoft ≫ Windows Xp Update sp1 Edition media_center
Microsoft ≫ Windows Xp Update sp2 Edition home
Microsoft ≫ Windows Xp Update sp2 Edition media_center
Microsoft ≫ Windows Xp Update sp2 Edition tablet_pc
No CISA KEV or CERT.AT warning was found for this CVE.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 7.48% | 0.914 |
Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
nvd@nist.gov | 6.9 | 3.4 | 10 | AV:L/AC:M/Au:N/C:C/I:C/A:C |
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.