| ID |
CVE-2006-3648
|
| Summary |
Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote attackers to execute arbitrary code via unspecified vectors involving unhandled exceptions, memory resident applications, and incorrectly "unloading chained exception." |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
-
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
|
| CVSS |
| Base: | 7.6 (as of 12-10-2018 - 21:40) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-noinfo |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
HIGH |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:H/Au:N/C:C/I:C/A:C
|
| oval
via4
|
| accepted | 2011-05-09T04:01:48.393-04:00 | | class | vulnerability | | contributors | | name | Robert L. Hollis | | organization | ThreatGuard, Inc. |
| name | Shane Shaffer | | organization | G2, Inc. |
| | definition_extensions | | comment | Microsoft Windows 2000 SP4 or later is installed | | oval | oval:org.mitre.oval:def:229 |
| comment | Microsoft Windows XP SP1 (32-bit) is installed | | oval | oval:org.mitre.oval:def:1 |
| comment | Microsoft Windows XP SP2 or later is installed | | oval | oval:org.mitre.oval:def:521 |
| comment | Microsoft Windows XP SP1 (64-bit) is installed | | oval | oval:org.mitre.oval:def:480 |
| comment | Microsoft Windows Server 2003 (x86) Gold is installed | | oval | oval:org.mitre.oval:def:165 |
| comment | Microsoft Windows Server 2003 SP1 (x86) is installed | | oval | oval:org.mitre.oval:def:565 |
| | description | Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote attackers to execute arbitrary code via unspecified vectors involving unhandled exceptions, memory resident applications, and incorrectly "unloading chained exception." | | family | windows | | id | oval:org.mitre.oval:def:841 | | status | accepted | | submitted | 2006-08-11T12:53:40 | | title | Unhandled Exception Vulnerability | | version | 74 |
|
| refmap
via4
|
| bid | 19384 | | cert | TA06-220A | | cert-vn | VU#411516 | | sectrack | 1016661 | | vupen | ADV-2006-3216 |
|
| Last major update |
12-10-2018 - 21:40 |
| Published |
09-08-2006 - 01:04 |
| Last modified |
12-10-2018 - 21:40 |
