MS06-041 - KB 920683 - CVE-2006-3440 - CVE-2006-3441
Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical Recommendation: Apply the update immediately Affected Software: Windows 2000 SP4 There are two vulnerabilities covered in this bulletin: Winsock Hostname Vulnerability - CVE-2006-3440:There is a remote code execution vulnerability in Winsock that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. For an attack to be successful the attacker would have to force the user to open a file or visit a website that is specially crafted to call the affected Winsock API. DNS Client Buffer Overrun Vulnerability - CVE-2006-3441:There is a remote code execution vulnerability in the DNS Client service that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system. Marcus H. Sachs SRI International |
Marcus 301 Posts ISC Handler Aug 8th 2006 |
Thread locked Subscribe |
Aug 8th 2006 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!