Vulnerability Details : CVE-2006-3648
Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote attackers to execute arbitrary code via unspecified vectors involving unhandled exceptions, memory resident applications, and incorrectly "unloading chained exception."
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2006-3648
Probability of exploitation activity in the next 30 days: 13.98%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2006-3648
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.6
|
HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:C |
4.9
|
10.0
|
NIST |
References for CVE-2006-3648
-
http://www.securityfocus.com/bid/19384
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-051
-
http://www.kb.cert.org/vuls/id/411516
Patch;US Government Resource
- http://www.vupen.com/english/advisories/2006/3216
-
http://securitytracker.com/id?1016661
-
http://www.us-cert.gov/cas/techalerts/TA06-220A.html
Patch;Third Party Advisory;US Government Resource
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A841
Products affected by CVE-2006-3648
- cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*