Vulnerability Name:

CVE-2006-0012 (CCN-25554)

Assigned:2005-11-09
Published:2006-04-11
Updated:2019-04-30
Summary:Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability."
CVSS v3 Severity:5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2006-0012

Source: CCN
Type: SA19606
Microsoft Windows Explorer COM Object Handling Vulnerability

Source: SECUNIA
Type: Patch, Vendor Advisory
19606

Source: CCN
Type: SECTRACK ID: 1015897
Microsoft Windows Explorer COM Object Bug Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1015897

Source: CCN
Type: ASA-2006-079
Windows Security Updates for April 2006 - (MS06-013 - MS06-017)

Source: CCN
Type: US-CERT VU#641460
Microsoft Windows fails to properly handle COM objects

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#641460

Source: CCN
Type: Microsoft Security Bulletin MS06-015
Vulnerability in Windows Explorer Could Lead to Remote Code Execution (908531)

Source: OSVDB
Type: UNKNOWN
24516

Source: CCN
Type: OSVDB ID: 24516
Microsoft Windows Explorer COM Object Handling Remote Code Execution

Source: BID
Type: UNKNOWN
17464

Source: CCN
Type: BID-17464
Microsoft Windows Shell COM Object Remote Code Execution Vulnerability

Source: CCN
Type: US-CERT Technical Cyber Security Alert TA06-101A
Microsoft Windows and Internet Explorer Vulnerabilities

Source: CERT
Type: US Government Resource
TA06-101A

Source: VUPEN
Type: UNKNOWN
ADV-2006-1320

Source: MS
Type: UNKNOWN
MS06-015

Source: XF
Type: UNKNOWN
win-explorer-com-code-execution(25554)

Source: XF
Type: UNKNOWN
win-explorer-com-code-execution(25554)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1191

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1448

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1679

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1743

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:1764

Vulnerable Configuration:Configuration 1:
  • cpe:/o:microsoft:windows_2000:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:datacenter_64-bit:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:enterprise:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:enterprise_64-bit:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:r2:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:standard:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:standard_64-bit:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:web:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_98:*:gold:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_98se:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_me:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:*:home:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/o:microsoft:windows_98:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_98se:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_me:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_xp:-:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:2003_server::x64:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:xp:sp2:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:-::~~~~itanium~:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:2003_server:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows:2003_server:sp1_itanium:*:*:*:*:*:*
  • OR cpe:/a:microsoft:windows_2003:*:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:1191
    V
    Win2K COM object Remote Code Execution Vulnerability
    2011-05-16
    oval:org.mitre.oval:def:1764
    V
    Server 2003 COM object Remote Code Execution Vulnerability
    2011-05-16
    oval:org.mitre.oval:def:1448
    V
    WinXP,SP2 COM object Remote Code Execution Vulnerability
    2011-05-16
    oval:org.mitre.oval:def:1679
    V
    WinXP,SP1 COM object Remote Code Execution Vulnerability
    2011-05-16
    oval:org.mitre.oval:def:1743
    V
    Windows (S03/64-bit XP) COM object Remote Code Execution Vulnerability
    2011-05-16
    BACK
    microsoft windows 2000 *
    microsoft windows 2000 * sp1
    microsoft windows 2000 * sp2
    microsoft windows 2000 * sp3
    microsoft windows 2000 * sp4
    microsoft windows 2003 server datacenter_64-bit sp1
    microsoft windows 2003 server enterprise
    microsoft windows 2003 server enterprise sp1
    microsoft windows 2003 server enterprise_64-bit
    microsoft windows 2003 server enterprise_64-bit sp1
    microsoft windows 2003 server r2
    microsoft windows 2003 server r2
    microsoft windows 2003 server r2 sp1
    microsoft windows 2003 server standard
    microsoft windows 2003 server standard sp1
    microsoft windows 2003 server standard_64-bit
    microsoft windows 2003 server web
    microsoft windows 2003 server web sp1
    microsoft windows 98 * gold
    microsoft windows 98se *
    microsoft windows me *
    microsoft windows xp *
    microsoft windows xp *
    microsoft windows xp *
    microsoft windows xp * gold
    microsoft windows xp * sp1
    microsoft windows xp * sp1
    microsoft windows xp * sp2
    microsoft windows xp * sp2
    microsoft windows xp * sp2
    microsoft windows 98 *
    microsoft windows 98se *
    microsoft windows me *
    microsoft windows xp - sp1
    microsoft windows 2000 - sp4
    microsoft windows 2003_server
    microsoft windows xp sp2
    microsoft windows 2003 server -
    microsoft windows 2003_server sp1
    microsoft windows 2003_server sp1_itanium
    microsoft windows 2003 *