Vulnerability Details : CVE-2006-1315
The Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to obtain sensitive information via crafted requests that leak information in SMB buffers, which are not properly initialized, aka "SMB Information Disclosure Vulnerability."
Vulnerability category: Information leak
Products affected by CVE-2006-1315
- cpe:2.3:a:microsoft:server_service:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-1315
5.18%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-1315
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2006-1315
-
http://www.kb.cert.org/vuls/id/333636
US Government Resource
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-035
-
http://www.securityfocus.com/bid/18891
-
http://www.securityfocus.com/archive/1/439881/100/0/threaded
-
http://securitytracker.com/id?1016467
-
http://www.vupen.com/english/advisories/2006/2753
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/26820
Jump to