CyberSec.Space Logo
Back to CVE Browser

CVE-2006-3439

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0030%
EPSS Percentile42.91th
PublishedAug 9, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.

Affected Platforms (CPE)

πŸ’»
Microsoft

Windows 2000

All versions
πŸ’»
Microsoft

Windows 2003 Server

= 64-bit
πŸ’»
Microsoft

Windows 2003 Server

= itanium
πŸ’»
Microsoft

Windows 2003 Server

= r2
πŸ’»
Microsoft

Windows 2003 Server

= sp1
πŸ’»
Microsoft

Windows 2003 Server

= sp1
πŸ’»
Microsoft

Windows Xp

All versions
πŸ’»
Microsoft

Windows Xp

All versions
πŸ’»
Microsoft

Windows Xp

All versions

References & Advisories

πŸ”— http://secunia.com/advisories/21388
πŸ”— http://securitytracker.com/id?1016667
πŸ”— http://www.cisco.com/en/US/products/ps6120/tsd_products_security_response09186a008070c75a.html
πŸ”— http://www.dhs.gov/dhspublic/display?content=5789
πŸ”— http://www.kb.cert.org/vuls/id/650769
πŸ”— http://www.securityfocus.com/bid/19409
πŸ”— http://www.us-cert.gov/cas/techalerts/TA06-220A.html
πŸ”— http://www.vupen.com/english/advisories/2006/3210

Related Vulnerabilities

CVE-2000-103410.0

Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a ...

CVE-2000-006110.0

Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document h...

CVE-2000-022210.0

The installation for Windows 2000 does not activate the Administrator password until the system has rebooted, which allows remote ...

CVE-2000-107110.0

The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote...