CVE-2006-0010 - OpenCVE

Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows Me Windows 98se Windows 98 Windows 2000 Windows 2003 Server Windows Nt Windows Xp

Configuration 1 [-]

OR	cpe:2.3:o:microsoft:windows_2000::::::::
	cpe:2.3:o:microsoft:windows_2000::sp1::::::*
	cpe:2.3:o:microsoft:windows_2000::sp2::::::*
	cpe:2.3:o:microsoft:windows_2000::sp3::::::*
	cpe:2.3:o:microsoft:windows_2000::sp4::::::*
	cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit:sp1::::::
	cpe:2.3:o:microsoft:windows_2003_server:enterprise::64-bit:::::
	cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1::::::
	cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:::::::*
	cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:sp1::::::
	cpe:2.3:o:microsoft:windows_2003_server:r2::64-bit:::::
	cpe:2.3:o:microsoft:windows_2003_server:r2::datacenter_64-bit:::::
	cpe:2.3:o:microsoft:windows_2003_server:r2:sp1::::::
	cpe:2.3:o:microsoft:windows_2003_server:standard::64-bit:::::
	cpe:2.3:o:microsoft:windows_2003_server:standard:sp1::::::
	cpe:2.3:o:microsoft:windows_2003_server:standard_64-bit:::::::*
	cpe:2.3:o:microsoft:windows_2003_server:web:::::::*
	cpe:2.3:o:microsoft:windows_2003_server:web:sp1::::::
	cpe:2.3:o:microsoft:windows_98::gold::::::*
	cpe:2.3:o:microsoft:windows_98se::::::::
	cpe:2.3:o:microsoft:windows_me::::::::
	cpe:2.3:o:microsoft:windows_nt:3.5.1:::::::*
	cpe:2.3:o:microsoft:windows_nt:3.5.1:sp1::::::
	cpe:2.3:o:microsoft:windows_nt:3.5.1:sp2::::::
	cpe:2.3:o:microsoft:windows_nt:3.5.1:sp3::::::
	cpe:2.3:o:microsoft:windows_nt:3.5.1:sp4::::::
	cpe:2.3:o:microsoft:windows_nt:3.5.1:sp5::::::
	cpe:2.3:o:microsoft:windows_nt:3.5.1:sp5:alpha:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:::::::*
	cpe:2.3:o:microsoft:windows_nt:4.0::alpha:::::
	cpe:2.3:o:microsoft:windows_nt:4.0::enterprise_server:::::
	cpe:2.3:o:microsoft:windows_nt:4.0::server:::::
	cpe:2.3:o:microsoft:windows_nt:4.0::terminal_server:::::
	cpe:2.3:o:microsoft:windows_nt:4.0::terminal_server_alpha:::::
	cpe:2.3:o:microsoft:windows_nt:4.0::workstation:::::
	cpe:2.3:o:microsoft:windows_nt:4.0:sp1::::::
	cpe:2.3:o:microsoft:windows_nt:4.0:sp1:alpha:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp2::::::
	cpe:2.3:o:microsoft:windows_nt:4.0:sp2:alpha:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp3::::::
	cpe:2.3:o:microsoft:windows_nt:4.0:sp3:alpha:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp4::::::
	cpe:2.3:o:microsoft:windows_nt:4.0:sp4:alpha:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp5::::::
	cpe:2.3:o:microsoft:windows_nt:4.0:sp5:alpha:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:::::*
	cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:::::*
cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:::::*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6::::::
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:alpha:::::*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:::::*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:::::*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:::::*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:::::*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a::::::
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:alpha:::::*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:::::*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:::::*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:::::*
cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:::::*
cpe:2.3:o:microsoft:windows_xp:::64-bit:::::*
cpe:2.3:o:microsoft:windows_xp:::home:::::*
cpe:2.3:o:microsoft:windows_xp:::media_center:::::*
cpe:2.3:o:microsoft:windows_xp::gold:professional:::::
cpe:2.3:o:microsoft:windows_xp::sp1:home:::::
cpe:2.3:o:microsoft:windows_xp::sp1:media_center:::::
cpe:2.3:o:microsoft:windows_xp::sp2:home:::::
cpe:2.3:o:microsoft:windows_xp::sp2:media_center:::::
cpe:2.3:o:microsoft:windows_xp::sp2:tablet_pc:::::

References

Link	Resource
http://seclists.org/fulldisclosure/2006/Jan/363
http://secunia.com/advisories/18311	Vendor Advisory
http://secunia.com/advisories/18365	Patch Vendor Advisory
http://secunia.com/advisories/18391	Vendor Advisory
http://securitytracker.com/id?1015459
http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm
http://www.eeye.com/html/Research/Advisories/EEYEB20050801.html
http://www.kb.cert.org/vuls/id/915930	Third Party Advisory US Government Resource
http://www.osvdb.org/18829
http://www.securityfocus.com/archive/1/421885/100/0/threaded
http://www.securityfocus.com/bid/16194	Patch
http://www.us-cert.gov/cas/techalerts/TA06-010A.html	US Government Resource
http://www.vupen.com/english/advisories/2006/0118
http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375525
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-002
https://exchange.xforce.ibmcloud.com/vulnerabilities/23922
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1126
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1185
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1462
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1491
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A698
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A714