CVE-2006-1184 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-1184
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-1184

Description: Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0, 2000 SP4, XP SP1 and SP2, and Server 2003 allows remote attackers to cause a denial of service (crash) via a BuildContextW request with a large (1) UuidString or (2) GuidIn of a certain length, which causes an out-of-range memory access, aka the MSDTC Denial of Service Vulnerability. NOTE: this is a variant of CVE-2005-2119.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25558 ST 1016047 SREASON http://securityreason.com/securityalert/864 SAID Secunia Advisory: SA20000 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1779 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1912 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1990 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1295 OSVDB 25336 MS http://www.microsoft.com/technet/security/bulletin/ms06-018.mspx MISC http://www.eeye.com/html/research/advisories/AD20060509b.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/433425/100/0/threaded BID 17905

Return to the previous page.