CVE-2006-3440

Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka "Winsock Hostname Vulnerability."

Published: Aug 9, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-3440
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / windows_2003_server	64-bit	64-bit.x
microsoft / windows_2003_server	sp1	sp1.x
microsoft / windows_xp	-	-
microsoft / windows_2000	-	-

http://secunia.com/advisories/21394
http://securitytracker.com/id?1016653
http://www.kb.cert.org/vuls/id/908276
http://www.securityfocus.com/bid/19319
http://www.us-cert.gov/cas/techalerts/TA06-220A.html
http://www.vupen.com/english/advisories/2006/3211
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-041
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A747

Vulnerability Database

290,020

CVE-2006-3440