CVE-2006-1314 Information

Description

Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4 XP SP1 and SP2 Server 2003 up to SP1 and other products allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages.

Reference

http://secunia.com/advisories/21007 http://securityreason.com/securityalert/1212 http://www.kb.cert.org/vuls/id/189140 http://www.osvdb.org/27154 http://www.securityfocus.com/archive/1/439773/100/0/threaded http://www.securityfocus.com/bid/18863 http://www.tippingpoint.com/security/advisories/TSRT-06-02.html http://www.us-cert.gov/cas/techalerts/TA06-192A.html http://www.vupen.com/english/advisories/2006/2753 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-035 https://exchange.xforce.ibmcloud.com/vulnerabilities/26818 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A600