Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2378

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2006-2378
Last Modified 07 Mar 2011 09:36:05
Published 13 Jun 2006 03:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-2378

Summary

Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption.

Vulnerable Systems

Operating System

  • Microsoft Windows 2003 Server Datacenter Edition

  • Microsoft Windows 2003 Server Datacenter Edition 64-bit

  • Microsoft Windows 2003 Server Enterprise 64-bit

  • Microsoft Windows 2003 Server Enterprise Edition

  • Microsoft Windows 2003 Server Enterprise Edition 64-bit

  • Microsoft Windows 2003 Server R2

  • Microsoft Windows 2003 Server Sp1

  • Microsoft Windows 2003 Server Standard

  • Microsoft Windows 2003 Server Standard 64-bit

  • Microsoft Windows 2003 Server Web

  • Microsoft Windows Xp

Application

  • Microsoft Ie 5.0.1

  • Microsoft Ie 6.0


References

CERT-VN - VU#923236

CERT - TA06-164A

BID - 18394

XF - win-art-image-bo(26809)

VUPEN - ADV-2006-2320

OSVDB - 26432

MS - MS06-022

IDEFENSE - 20060613 Microsoft Internet Explorer ART File Heap Corruption Vulnerability

SECTRACK - 1016292

SECUNIA - 20605


Last Updated: 27 May 2016 10:42:26