fkie_cve-2006-0010
Vulnerability from fkie_nvd
Published
2006-01-10 22:03
Modified
2025-04-03 01:03
Severity ?
Summary
Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression.
References
secure@microsoft.comhttp://seclists.org/fulldisclosure/2006/Jan/363
secure@microsoft.comhttp://secunia.com/advisories/18311Vendor Advisory
secure@microsoft.comhttp://secunia.com/advisories/18365Patch, Vendor Advisory
secure@microsoft.comhttp://secunia.com/advisories/18391Vendor Advisory
secure@microsoft.comhttp://securitytracker.com/id?1015459
secure@microsoft.comhttp://support.avaya.com/elmodocs2/security/ASA-2006-004.htm
secure@microsoft.comhttp://www.eeye.com/html/Research/Advisories/EEYEB20050801.html
secure@microsoft.comhttp://www.kb.cert.org/vuls/id/915930Third Party Advisory, US Government Resource
secure@microsoft.comhttp://www.osvdb.org/18829
secure@microsoft.comhttp://www.securityfocus.com/archive/1/421885/100/0/threaded
secure@microsoft.comhttp://www.securityfocus.com/bid/16194Patch
secure@microsoft.comhttp://www.us-cert.gov/cas/techalerts/TA06-010A.htmlUS Government Resource
secure@microsoft.comhttp://www.vupen.com/english/advisories/2006/0118
secure@microsoft.comhttp://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375525
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-002
secure@microsoft.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/23922
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1126
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1185
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1462
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1491
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A698
secure@microsoft.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A714
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2006/Jan/363
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18311Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18365Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18391Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015459
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm
af854a3a-2127-422b-91ae-364da2661108http://www.eeye.com/html/Research/Advisories/EEYEB20050801.html
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/915930Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/18829
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/421885/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16194Patch
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA06-010A.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/0118
af854a3a-2127-422b-91ae-364da2661108http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=375525
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-002
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/23922
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1126
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1185
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1462
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1491
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A698
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A714
Impacted products
Vendor Product Version
microsoft windows_2000 *
microsoft windows_2000 *
microsoft windows_2000 *
microsoft windows_2000 *
microsoft windows_2000 *
microsoft windows_2003_server datacenter_64-bit
microsoft windows_2003_server enterprise
microsoft windows_2003_server enterprise
microsoft windows_2003_server enterprise_64-bit
microsoft windows_2003_server enterprise_64-bit
microsoft windows_2003_server r2
microsoft windows_2003_server r2
microsoft windows_2003_server r2
microsoft windows_2003_server standard
microsoft windows_2003_server standard
microsoft windows_2003_server standard_64-bit
microsoft windows_2003_server web
microsoft windows_2003_server web
microsoft windows_98 *
microsoft windows_98se *
microsoft windows_me *
microsoft windows_nt 3.5.1
microsoft windows_nt 3.5.1
microsoft windows_nt 3.5.1
microsoft windows_nt 3.5.1
microsoft windows_nt 3.5.1
microsoft windows_nt 3.5.1
microsoft windows_nt 3.5.1
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_nt 4.0
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *
microsoft windows_xp *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E545C63-FE9C-4CA1-AF0F-D999D84D2AFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "294EBA01-147B-4DA0-937E-ACBB655EDE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "4E8B7346-F2AA-434C-A048-7463EC1BB117",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "BE1A6107-DE00-4A1C-87FC-9E4015165B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:datacenter_64-bit:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "BE3DF901-734B-4956-9D22-FE4608A31DDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:*:64-bit:*:*:*:*:*",
              "matchCriteriaId": "E69D0E21-8C62-403E-8097-2CA403CBBB1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "A86C732B-6E92-46FB-B1E5-F0BA2F0D6D82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:*:*:*:*:*:*:*",
              "matchCriteriaId": "B127407D-AE50-4AFE-A780-D85B5AF44A2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:enterprise_64-bit:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "986AE140-316D-4874-AEE2-3058A007D33F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:64-bit:*:*:*:*:*",
              "matchCriteriaId": "5D42E51C-740A-4441-8BAF-D073111B984C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:*:datacenter_64-bit:*:*:*:*:*",
              "matchCriteriaId": "34ACB544-87DD-4D9A-99F0-A10F48C1EE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:r2:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "C1BC59CF-BA8A-4D4C-92A5-CFDA7ECD685F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:*:64-bit:*:*:*:*:*",
              "matchCriteriaId": "74AD256D-4BCE-41FB-AD73-C5C63A59A06D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "4B5F54BB-A80E-42F2-A700-82C1240E23D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:standard_64-bit:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3AC387D-BB23-4EB9-A7DA-6E3F5CD8EFD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:*:*:*:*:*:*:*",
              "matchCriteriaId": "B518E945-5FDE-4A37-878D-6946653C91F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_2003_server:web:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "76BDFB16-D71F-4E33-83FD-F0F2AE2FAE7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*",
              "matchCriteriaId": "2D3B703C-79B2-4FA2-9E12-713AB977A880",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA733AD2-D948-46A0-A063-D29081A56F1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "799DA395-C7F8-477C-8BC7-5B4B88FB7503",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0D4EAC2-A948-461F-B5DD-0AE73CF05D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "EF8BECF6-3C33-4D8C-B54E-A0D2F3295E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "828B4519-24D8-45A7-8448-D5FF6C83A2C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "F495AF7A-CC31-4045-BACC-902950C80ABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "68DFA54C-3DB9-4A94-A446-CF28671FE4F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:sp5:*:*:*:*:*:*",
              "matchCriteriaId": "55A2AC4C-6B85-4B60-BFE1-C9588C5973B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:3.5.1:sp5:alpha:*:*:*:*:*",
              "matchCriteriaId": "DA5AA35E-D392-4516-AF02-70BE2ABA93EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E53CDA8E-50A8-4509-B070-CCA5604FFB21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "1A4FF113-BDCB-472C-A300-3DE5A12A7031",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "237D7C18-C8D6-4FDB-A160-FA17DD46A55A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:server:*:*:*:*:*",
              "matchCriteriaId": "7C5FCE82-1E2F-49B9-B504-8C03F2BCF296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server:*:*:*:*:*",
              "matchCriteriaId": "6E7E6AD3-5418-4FEA-84B5-833059CA880D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:terminal_server_alpha:*:*:*:*:*",
              "matchCriteriaId": "A5CEA2F6-0064-487D-AE4F-9C4F32E1C4AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:*:workstation:*:*:*:*:*",
              "matchCriteriaId": "35346A7B-2CB5-446D-B0C3-1F21D71A746D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "5BDCBCB8-DAA3-465F-ADDE-9143B8251989",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:alpha:*:*:*:*:*",
              "matchCriteriaId": "F8E32528-4DA7-4FF8-BBA1-929C5C44FAD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "064F4E76-1B89-4FA5-97ED-64624285C014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:server:*:*:*:*:*",
              "matchCriteriaId": "089A953C-8446-4E6F-B506-430C38DF37B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:terminal_server:*:*:*:*:*",
              "matchCriteriaId": "EA262C44-C0E6-493A-B8E5-4D26E4013226",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp1:workstation:*:*:*:*:*",
              "matchCriteriaId": "416F06DD-980E-4A54-822D-CBA499FD1F86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "B86E0671-ED68-4549-B3AC-FD8BD79B0860",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:alpha:*:*:*:*:*",
              "matchCriteriaId": "3F9C691E-CD79-4D8B-BD35-04BDE4422A4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F66DC6FF-2B3D-4718-838F-9E055E89961F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:server:*:*:*:*:*",
              "matchCriteriaId": "656AE014-AEEC-46E8-A696-61FEA7932F21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:terminal_server:*:*:*:*:*",
              "matchCriteriaId": "EB519FE0-9E7D-4E71-8873-356C9D7CEAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp2:workstation:*:*:*:*:*",
              "matchCriteriaId": "A08D0EA1-DA1B-4C52-883A-3F156F032517",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "BB76E7EC-C396-4537-9065-4E815DA7097C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:alpha:*:*:*:*:*",
              "matchCriteriaId": "0EF2010D-5D16-40A7-B7DE-8168C76E5BDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "DA267420-56C5-4697-B0AA-52932F78B24B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:server:*:*:*:*:*",
              "matchCriteriaId": "93BA426E-DD51-44AC-BE78-3164670FF9E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:terminal_server:*:*:*:*:*",
              "matchCriteriaId": "224F8968-9F4C-4727-AAA3-61F5578EF54C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp3:workstation:*:*:*:*:*",
              "matchCriteriaId": "02BE9817-E1AE-4619-8302-CA7AA4167F48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "4CD026E2-B073-40A6-AD4A-8C76B9169B01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:alpha:*:*:*:*:*",
              "matchCriteriaId": "DD500955-71F7-41AD-96EE-E8CC6A7FA7A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "363E3895-A19B-42EC-B479-765168DC0B17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:server:*:*:*:*:*",
              "matchCriteriaId": "FBBBF25A-709B-4716-9894-AD82180091AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:terminal_server:*:*:*:*:*",
              "matchCriteriaId": "407DA6E8-0832-49FE-AE14-35C104C237EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp4:workstation:*:*:*:*:*",
              "matchCriteriaId": "88B70B7A-5BCC-4626-AAC7-D1ACFF25D66E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:*:*:*:*:*:*",
              "matchCriteriaId": "DBFB3E49-3FB5-4947-856D-727CBFFBA543",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:alpha:*:*:*:*:*",
              "matchCriteriaId": "CC031C07-FA91-426B-9772-64910AE12635",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "81B7961D-151D-4773-80CB-CCD0456BFEAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:server:*:*:*:*:*",
              "matchCriteriaId": "82781A72-A34F-4668-9EE8-C203B04E3367",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:terminal_server:*:*:*:*:*",
              "matchCriteriaId": "AFE612D2-DF38-404F-AED1-B8C9C24012DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp5:workstation:*:*:*:*:*",
              "matchCriteriaId": "12ED7363-6EEE-4688-A9B7-C5EB1107A7B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:*:*:*:*:*:*",
              "matchCriteriaId": "B9236480-6450-42E1-B1FF-F336488A683A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:alpha:*:*:*:*:*",
              "matchCriteriaId": "D97FA0F5-6A53-4E3A-BFCF-1AFF4B83CB37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "B5CAF64E-98AA-4813-A2A2-5AC3387CF230",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:server:*:*:*:*:*",
              "matchCriteriaId": "BCDFDBBA-6C4F-472A-9F4F-461C424794E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:terminal_server:*:*:*:*:*",
              "matchCriteriaId": "BCC5E316-FB61-408B-BAA2-7FE03D581250",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6:workstation:*:*:*:*:*",
              "matchCriteriaId": "EDDD8DA8-D074-4543-AEDF-F856B5567F21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:*:*:*:*:*:*",
              "matchCriteriaId": "14F55877-A759-4C8A-84D5-70508E449799",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:alpha:*:*:*:*:*",
              "matchCriteriaId": "C79E6858-BB9C-4229-9DBE-8DA8627D10A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "CA7BA525-6DB8-4444-934A-932AFED69816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:server:*:*:*:*:*",
              "matchCriteriaId": "90CFA69B-7814-4F97-A14D-D76310065CF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:terminal_server:*:*:*:*:*",
              "matchCriteriaId": "2FECD4B0-23A0-4C0B-9888-D28A5941D848",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_nt:4.0:sp6a:workstation:*:*:*:*:*",
              "matchCriteriaId": "AB6ADBAF-6EB0-4CFA-9D33-A814AC20484E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*",
              "matchCriteriaId": "91D6D065-A28D-49DA-B7F4-38421FF86498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*",
              "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:media_center:*:*:*:*:*",
              "matchCriteriaId": "403945FA-8676-4D98-B903-48452B46F48F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*",
              "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*",
              "matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:media_center:*:*:*:*:*",
              "matchCriteriaId": "6A05337E-18A5-4939-85A0-69583D9B5AD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:home:*:*:*:*:*",
              "matchCriteriaId": "E43BBC5A-057F-4BE2-B4BB-6791DDB0B9C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:media_center:*:*:*:*:*",
              "matchCriteriaId": "7E439FA5-78BF-41B1-BAEC-C1C94CE86F2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*",
              "matchCriteriaId": "FB2BE2DE-7B06-47ED-A674-15D45448F357",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en T2EMBED.DLL en Microsoft Windows 2000 SP4, XP SP1 y SP2 y Server 2003 hasta la versi\u00f3n SP1, Windows 98 y Windows ME permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un mensajes de correo electr\u00f3nico o una p\u00e1gina web con una fuente web Embedded Open Type (EOT) manipulada que desencadena el desbordamiento durante la descompresi\u00f3n."
    }
  ],
  "id": "CVE-2006-0010",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-01-10T22:03:00.000",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://seclists.org/fulldisclosure/2006/Jan/363"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18311"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18365"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18391"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://securitytracker.com/id?1015459"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.eeye.com/html/Research/Advisories/EEYEB20050801.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/915930"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.osvdb.org/18829"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securityfocus.com/archive/1/421885/100/0/threaded"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16194"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-010A.html"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www.vupen.com/english/advisories/2006/0118"
    },
    {
      "source": "secure@microsoft.com",
      "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375525"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-002"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23922"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1126"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1185"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1462"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1491"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A698"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A714"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2006/Jan/363"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18311"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18365"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18391"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015459"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.eeye.com/html/Research/Advisories/EEYEB20050801.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/915930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/18829"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/421885/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16194"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA06-010A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0118"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=375525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23922"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1185"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1462"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1491"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A698"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A714"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.