| Vulnerability Name: | CVE-2006-3648 (CCN-28011) | ||||||||
| Assigned: | 2006-08-08 | ||||||||
| Published: | 2006-08-08 | ||||||||
| Updated: | 2018-10-12 | ||||||||
| Summary: | Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote attackers to execute arbitrary code via unspecified vectors involving unhandled exceptions, memory resident applications, and incorrectly "unloading chained exception." | ||||||||
| CVSS v3 Severity: | 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 7.6 High (CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C) 5.6 Medium (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
5.6 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-noinfo | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-3648 Source: CCN Type: SECTRACK ID: 1016661 Windows Kernel Incorrect Exception Handling Lets Remote Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN 1016661 Source: CCN Type: ASA-2006-154 Windows Security Updates for August 2006 - (MS06-040 - MS06-051) Source: CCN Type: Microsoft Security Bulletin MS12-081 Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2758857) Source: CCN Type: Microsoft Security Bulletin MS14-019 Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2922229) Source: CCN Type: US-CERT VU#411516 Microsoft Windows kernel fails to properly manage exception handling Source: CERT-VN Type: Patch, US Government Resource VU#411516 Source: CCN Type: Microsoft Security Bulletin MS06-051 Vulnerability in Windows Kernel Could Result in Remote Code Execution (917422) Source: CCN Type: Microsoft Security Bulletin MS07-035 Vulnerability in Win 32 API Could Allow Remote Code Execution (935839) Source: CCN Type: Microsoft Security Bulletin MS09-015 Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426) Source: BID Type: UNKNOWN 19384 Source: CCN Type: BID-19384 Microsoft Windows Unhandled Exception Remote Code Execution Vulnerability Source: CCN Type: US-CERT Technical Cyber Security Alert TA06-220A Microsoft Windows, Office, and Internet Explorer Vulnerabilities Source: CERT Type: Patch, Third Party Advisory, US Government Resource TA06-220A Source: VUPEN Type: UNKNOWN ADV-2006-3216 Source: MS Type: UNKNOWN MS06-051 Source: XF Type: UNKNOWN win-kernel-code-execution(28011) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:841 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||