CVE-2006-1314

Microsoft Windows - Buffer Overflow

Title source: llm

Description

Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages.

Exploits (1)

exploitdb WORKING POC

cdoswindows

https://www.exploit-db.com/exploits/2057

View Code ZIP pw:eip

References (12)

[US Government Resource] http://www.kb.cert.org/vuls/id/189140

[Patch, Vendor Advisory] http://www.tippingpoint.com/security/advisories/TSRT-06-02.html

[US Government Resource] http://www.us-cert.gov/cas/techalerts/TA06-192A.html

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-035

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/26818

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/439773/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/18863

[Third Party Advisory, VDB Entry] http://www.osvdb.org/27154

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A600

[Third Party Advisory] http://secunia.com/advisories/21007

[Third Party Advisory] http://www.vupen.com/english/advisories/2006/2753

[Third Party Advisory] http://securityreason.com/securityalert/1212

Scores

EPSS 0.7584

EPSS Percentile 98.9%

Details

Status published

Products (6)

microsoft/windows_2000

microsoft/windows_2003_server 64-bit

microsoft/windows_2003_server itanium

microsoft/windows_2003_server r2

microsoft/windows_2003_server sp1 (2 CPE variants)

microsoft/windows_xp (3 CPE variants)

Published Jul 11, 2006

Tracked Since Feb 18, 2026