CVE-2006-0027

Microsoft Exchange Server - Remote Code Execution via Crafted vCal or iCal Calendar Properties

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0027. PoCs published by pusscat, including Metasploit module auxiliary/dos/windows/smtp/ms06_019_exchange.

AI-analyzed exploit summary This Metasploit module exploits a heap overflow vulnerability in Microsoft Exchange (CVE-2006-0027) by sending a malformed VCAL request with multiple MODPROP values. The exploit triggers a denial-of-service (DoS) condition by crashing the Exchange service.

Description

Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted (1) vCal or (2) iCal Calendar properties.

Exploits (1)

metasploit WORKING POC
by pusscat · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/windows/smtp/ms06_019_exchange.rb

This Metasploit module exploits a heap overflow vulnerability in Microsoft Exchange (CVE-2006-0027) by sending a malformed VCAL request with multiple MODPROP values. The exploit triggers a denial-of-service (DoS) condition by crashing the Exchange service.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Exchange Server (versions affected by MS06-019)
No auth needed
Prerequisites: Network access to the target Exchange server · SMTP service exposed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (12)

Core 12
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016048
Patch, Vendor Advisory vendor-advisory x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-019
Broken Link vdb-entry x_refsource_osvdb
http://www.osvdb.org/25338
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA06-129A.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20029
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25556
Permissions Required vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1743
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/17908
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/303452

Scores

EPSS 0.6747
EPSS Percentile 98.6%

Details

Status published
Products (2)
microsoft/exchange_server 2000 sp3
microsoft/exchange_server 2003 sp1 (2 CPE variants)
Published May 10, 2006
Tracked Since Feb 18, 2026