Vulnerability Details : CVE-2006-3648
Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote attackers to execute arbitrary code via unspecified vectors involving unhandled exceptions, memory resident applications, and incorrectly "unloading chained exception."
Vulnerability category: Execute code
Products affected by CVE-2006-3648
- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-3648
51.76%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-3648
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.6
|
HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:C |
4.9
|
10.0
|
NIST |
References for CVE-2006-3648
-
http://www.securityfocus.com/bid/19384
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-051
-
http://www.kb.cert.org/vuls/id/411516
Patch;US Government Resource
-
http://www.vupen.com/english/advisories/2006/3216
-
http://securitytracker.com/id?1016661
-
http://www.us-cert.gov/cas/techalerts/TA06-220A.html
Patch;Third Party Advisory;US Government Resource
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A841
Jump to