CVE-2006-5585 — Microsoft Windows 2003 Server vulnerability

CWE-2643 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.8%

top 26.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Windows 2003 Server

Timeline

PublishedDec 13

Latest updateMay 1

Description

The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest within an application, aka "File Manifest Corruption Vulnerability."

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/windows_2003_serveritanium, r2+1

Patches

Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-x8m3-7gw3-5c7j: The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest wit↗2022-05-01

▶

CVEList

CVE-2006-5585: The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest wit↗2006-12-13

▶