CVE-2006-3445 Information
Description
Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4 XP SP2 and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a large length value in an .ACF file which results in a heap-based buffer overflow.
Reference
http://secunia.com/advisories/22878 http://securitytracker.com/id?1017222 http://www.coseinc.com/alert.html http://www.kb.cert.org/vuls/id/810772 http://www.securityfocus.com/archive/1/458558/100/0/threaded http://www.securityfocus.com/bid/21034 http://www.us-cert.gov/cas/techalerts/TA06-318A.html http://www.vupen.com/english/advisories/2006/4506 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-068 https://exchange.xforce.ibmcloud.com/vulnerabilities/29945 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A154
Share on: