Executive Summary
Summary | |
---|---|
Title | Vulnerability in Windows Shell Could Allow Remote Code Execution |
Information | |||
---|---|---|---|
Name | KB926043 | First vendor Publication | 2006-09-28 |
Vendor | Microsoft | Last vendor Modification | 2006-10-10 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Exploit Score | 8.6 | Authentication | None Required |
Detail
Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS06-057 to address this issue. For more information about this issue, including download links for an available security update, please review MS06-057. The vulnerability addressed is the Windows Shell Remote Code Execution Vulnerability - CVE-2006-3730. |
Original Source
Url : http://www.microsoft.com/technet/security/advisory/926043.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:339 | |||
Oval ID: | oval:org.mitre.oval:def:339 | ||
Title: | Windows Shell Remote Code Execution Vulnerability | ||
Description: | Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2006-3730 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |
SAINT Exploits
Description | Link |
---|---|
Internet Explorer WebViewFolderIcon setSlice integer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
27110 | Microsoft IE WebViewFolderIcon setSlice Overflow Internet Explorer contains a flaw that may allow a remote denial of service. The issue is triggered when calling the 'setSlice' method of the WebViewFolderIcon.WebViewFolderIcon.1 ActiveX object with the first parameter set to 0x7fffffff. This causes an invalid memory copy and may result in arbitrary code execution and/or a loss of availability for the browser. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2006-10-13 | IAVM : 2006-A-0042 - Vulnerability in Windows Explorer Severity : Category I - VMSKEY : V0012782 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Windows Explorer WebViewFolderIcon.WebViewFolderIcon.1 ActiveX func... RuleID : 8419 - Revision : 19 - Type : BROWSER-PLUGINS |
2014-01-10 | WebViewFolderIcon.WebViewFolderIcon.1 ActiveX CLSID unicode access RuleID : 7986 - Revision : 9 - Type : WEB-ACTIVEX |
2014-01-10 | Microsoft Windows Explorer WebViewFolderIcon.WebViewFolderIcon.1 ActiveX clsi... RuleID : 7985 - Revision : 18 - Type : BROWSER-PLUGINS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-10-10 | Name : Arbitrary code can be executed on the remote host through the web or email cl... File : smb_nt_ms06-057.nasl - Type : ACT_GATHER_INFO |