Back to search
CVE-2006-1314
Published: Jul 11, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
VU#189140
third-party-advisory
x_refsource_CERT-VN
ADV-2006-2753
vdb-entry
x_refsource_VUPEN
win-mailslot-bo(26818)
vdb-entry
x_refsource_XF
27154
vdb-entry
x_refsource_OSVDB
21007
third-party-advisory
x_refsource_SECUNIA
1212
third-party-advisory
x_refsource_SREASON
http://www.tippingpoint.com/security/advisories/TSRT-06-02.html
x_refsource_MISC
oval:org.mitre.oval:def:600
vdb-entry
signature
x_refsource_OVAL
18863
vdb-entry
x_refsource_BID
20060711 TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability
mailing-list
x_refsource_BUGTRAQ
MS06-035
vendor-advisory
x_refsource_MS
TA06-192A
third-party-advisory
x_refsource_CERT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now