| ID |
CVE-2006-3440
|
| Summary |
Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka "Winsock Hostname Vulnerability." |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
-
cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:64-bit:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
|
| CVSS |
| Base: | 10.0 (as of 12-10-2018 - 21:40) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
| oval
via4
|
| accepted | 2011-05-09T04:01:47.560-04:00 | | class | vulnerability | | contributors | | name | Robert L. Hollis | | organization | ThreatGuard, Inc. |
| name | Shane Shaffer | | organization | G2, Inc. |
| | definition_extensions | | comment | Microsoft Windows 2000 SP4 or later is installed | | oval | oval:org.mitre.oval:def:229 |
| comment | Microsoft Windows XP SP1 (32-bit) is installed | | oval | oval:org.mitre.oval:def:1 |
| comment | Microsoft Windows XP SP2 or later is installed | | oval | oval:org.mitre.oval:def:521 |
| comment | Microsoft Windows XP SP1 (64-bit) is installed | | oval | oval:org.mitre.oval:def:480 |
| comment | Microsoft Windows Server 2003 (x86) Gold is installed | | oval | oval:org.mitre.oval:def:165 |
| comment | Microsoft Windows Server 2003 SP1 (x86) is installed | | oval | oval:org.mitre.oval:def:565 |
| | description | Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka "Winsock Hostname Vulnerability." | | family | windows | | id | oval:org.mitre.oval:def:747 | | status | accepted | | submitted | 2006-08-11T12:53:40 | | title | Winsock Hostname Vulnerability | | version | 74 |
|
| refmap
via4
|
| bid | 19319 | | cert | TA06-220A | | cert-vn | VU#908276 | | sectrack | 1016653 | | secunia | 21394 | | vupen | ADV-2006-3211 |
|
| Last major update |
12-10-2018 - 21:40 |
| Published |
09-08-2006 - 01:04 |
| Last modified |
12-10-2018 - 21:40 |
