Vulnerability Description
The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via an RPC request that specifies a large 'offered' value (output buffer size), a variant of CVE-2005-3644.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows Xp | All versions |
Related Weaknesses (CWE)
References
- http://research.eeye.com/html/alerts/zeroday/20051116.html
- http://secunia.com/advisories/23196Vendor Advisory
- http://securitytracker.com/id?1017330
- http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2005/200
- http://www.kb.cert.org/vuls/id/914617US Government Resource
- http://www.securityfocus.com/bid/21401ExploitVendor Advisory
- http://www.vupen.com/english/advisories/2006/4827Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30717
- https://www.exploit-db.com/exploits/2879
- http://research.eeye.com/html/alerts/zeroday/20051116.html
- http://secunia.com/advisories/23196Vendor Advisory
- http://securitytracker.com/id?1017330
- http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker/2005/200
- http://www.kb.cert.org/vuls/id/914617US Government Resource
- http://www.securityfocus.com/bid/21401ExploitVendor Advisory
FAQ
What is CVE-2006-6296?
CVE-2006-6296 is a vulnerability with a CVSS score of 6.1 (MEDIUM). The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial ...
How severe is CVE-2006-6296?
CVE-2006-6296 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6296?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows Xp.