Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-1314

EPSS 75.84% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-1314

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Heap-based buffer overflow in the Server Service (SRV.SYS driver) in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 up to SP1, and other products, allows remote attackers to execute arbitrary code via crafted first-class Mailslot messages that triggers memory corruption and bypasses size restrictions on second-class Mailslot messages.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Windows Server驱动Mailslot远程堆溢出漏洞(MS06-035)
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。 根据MSDN文档所述,Microsoft Windows的Mailslot通讯分为两类。第一类Mailslot是运行于SMB/TCP的连接,第二类Mailslot可通过SMB/UDP提供无连接的讯息和广播消息。 Windows用于处理所有SMB通讯的SRV.SYS驱动中存在漏洞。在处理第一类Mailslot消息时,可能会出现堆溢出漏洞,导致执行任意指令。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-1314

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-1314

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-07-11 · 19 CVEs total

CVE-2006-3511Microsoft Internet Explorer HtmlDlgSafeHelper远程拒绝服务漏洞
CVE-2006-2389Microsoft Office畸形属性解析内存破坏漏洞(MS06-038)
CVE-2006-2372Microsoft Windows DHCP Client服务ACK应答处理远程缓冲区溢出漏洞(MS06-036)
CVE-2006-1316Microsoft Office字符串解析远程代码执行漏洞(MS06-038)
CVE-2006-1315Microsoft Windows Server驱动内存信息泄露漏洞(MS06-035)
CVE-2006-1300Microsoft ASP.NET Application文件夹信息泄露漏洞
CVE-2006-0033Microsoft Office畸形PNG文件远程代码执行漏洞(MS06-039)
CVE-2006-0007Microsoft Office畸形GIF图形缓冲区溢出漏洞(MS06-039)
CVE-2006-3512Microsoft Internet Explorer Object.Microsoft.DXTFilter 拒绝服务漏洞
CVE-2006-3513Microsoft Internet Explorer 'danim.dll' DirectAnimation.DAUserData拒绝服务漏洞
CVE-2006-3510Microsoft IE6 RDS.DataControl处理URL参数拒绝服务漏洞
CVE-2006-0026Microsoft IIS ASP远程缓冲区错误漏洞(MS06-034)
CVE-2006-3519Banner Engine 多个跨站脚本攻击(XSS) 漏洞
CVE-2006-3518Webvizyon 'SayfalaAltList.ASP' SQL注入漏洞
CVE-2006-3517RW::Download 'Stats.PHP'远程文件包含漏洞
CVE-2006-3516FreeHost 'misc.php' 多个SQL注入漏洞
CVE-2006-3515AjaxPortal LoginADP函数SQL注入漏洞
CVE-2006-3514PHP-Blogger 'actions.php'多个跨站脚本攻击(XSS) 漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-1314

No comments yet

Leave a comment