CVE-2006-2373 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-2373
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-2373

Description: The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address, possibly for kernel memory, aka the "SMB Driver Elevation of Privilege Vulnerability."

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/26828 ST 1016288 SAID Secunia Advisory: SA20635 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1942 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1904 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1792 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1730 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1137 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2007 OSVDB 26440 MS http://www.microsoft.com/technet/security/bulletin/ms06-030.mspx IDEFENSE http://www.idefense.com/intelligence/vulnerabilities/display.php?id=408 BID 18356

Return to the previous page.