What is the severity of CVE-2006-0005?

CVE-2006-0005 has a critical severity rating due to the potential for remote code execution.

How do I fix CVE-2006-0005?

To fix CVE-2006-0005, you should apply the relevant security patches provided by Microsoft for your affected operating system.

What versions of Windows are affected by CVE-2006-0005?

CVE-2006-0005 affects multiple versions of Windows, including Windows 2000, Windows XP, and various editions of Windows Server 2003.

What type of attack does CVE-2006-0005 facilitate?

CVE-2006-0005 allows remote attackers to execute arbitrary code on vulnerable systems through specially crafted HTML content.

Is CVE-2006-0005 browser-dependent?

Yes, CVE-2006-0005 is particularly exploitable when the vulnerable Windows Media Player plug-in is used in non-Internet Explorer browsers.

Vulnerability/
CVE-2006-0005

critical

9.3

CWE

119

14/2/2006

7/8/2024

CVE-2006-0005: Buffer Overflow

First published: Tue Feb 14 2006(Updated: )

Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows 2003 Server	=web_edition
Microsoft Windows Server 2003	=standard_sp1
Microsoft Windows XP
Microsoft Windows 2000	=sp4
Microsoft Windows 2003 Server	=standard
Microsoft Windows XP	=sp1
Microsoft Windows 2000 Advanced Server	=sp1
Microsoft Windows NT	=datacenter_server-sp4
Microsoft Windows NT	=xp_tablet_pc-sp2
Microsoft Windows 2000	=sp3
Microsoft Windows Server 2003	=enterprise_sp1
Microsoft Windows 2000 Advanced Server	=sp3
Microsoft Windows 2003 Server	=datacenter_edition_64-bit
Microsoft Windows 2000	=sp1
Microsoft Windows Terminal Services using RDP	=sp2
Microsoft Windows 2003 Server	=standard_64-bit
Microsoft Windows 2000 Advanced Server	=sp4
Microsoft Windows 2000	=sp4
Microsoft Windows 2003 Server	=enterprise_edition_64-bit
Microsoft Windows NT	=xp_tablet_pc-sp1
Microsoft Windows XP
Microsoft Windows NT	=datacenter_server-sp2
Microsoft Windows XP	=sp1
Microsoft Windows NT	=datacenter_server
Microsoft Windows Terminal Services using RDP	=sp1
Microsoft Windows NT	=xp_tablet_pc
Microsoft Windows XP	=sp2
Microsoft Windows Server 2003	=web_edition_sp1
Microsoft Windows NT	=xp-sp2
Microsoft Windows 2000 Advanced Server
Microsoft Windows Server 2003	=datacenter_sp1
Microsoft Windows XP	=sp2
Microsoft Windows XP
Microsoft Windows XP	=sp1
Microsoft Windows 2003 Server	=enterprise_edition
Microsoft Windows Terminal Services using RDP	=none
Microsoft Windows 2000 Advanced Server	=sp2
Microsoft Windows XP
Microsoft Windows NT	=datacenter_server-sp1
Microsoft Windows 2003 Server	=datacenter_edition
Microsoft Windows NT	=datacenter_server-sp3
Microsoft Windows XP
Microsoft Windows 2000	=sp2
Microsoft Windows Terminal Services using RDP	=sp3
Microsoft Windows 2000

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-0005?
CVE-2006-0005 has a critical severity rating due to the potential for remote code execution.
How do I fix CVE-2006-0005?
To fix CVE-2006-0005, you should apply the relevant security patches provided by Microsoft for your affected operating system.
What versions of Windows are affected by CVE-2006-0005?
CVE-2006-0005 affects multiple versions of Windows, including Windows 2000, Windows XP, and various editions of Windows Server 2003.
What type of attack does CVE-2006-0005 facilitate?
CVE-2006-0005 allows remote attackers to execute arbitrary code on vulnerable systems through specially crafted HTML content.
Is CVE-2006-0005 browser-dependent?
Yes, CVE-2006-0005 is particularly exploitable when the vulnerable Windows Media Player plug-in is used in non-Internet Explorer browsers.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/severity
agent/last-modified-date
agent/first-publish-date
agent/description
agent/event
agent/source
agent/weakness
agent/tags
agent/softwarecombine
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/microsoft
canonical/microsoft windows 2003 server
version/microsoft windows 2003 server/web_edition
canonical/microsoft windows server 2003
version/microsoft windows server 2003/standard_sp1
canonical/microsoft windows xp
canonical/microsoft windows 2000
version/microsoft windows 2000/sp4
version/microsoft windows 2003 server/standard
version/microsoft windows xp/sp1
canonical/microsoft windows 2000 advanced server
version/microsoft windows 2000 advanced server/sp1
canonical/microsoft windows nt
version/microsoft windows nt/datacenter_server-sp4
version/microsoft windows nt/xp_tablet_pc-sp2
version/microsoft windows 2000/sp3
version/microsoft windows server 2003/enterprise_sp1
version/microsoft windows 2000 advanced server/sp3
version/microsoft windows 2003 server/datacenter_edition_64-bit
version/microsoft windows 2000/sp1
canonical/microsoft windows terminal services using rdp
version/microsoft windows terminal services using rdp/sp2
version/microsoft windows 2003 server/standard_64-bit
version/microsoft windows 2000 advanced server/sp4
version/microsoft windows 2003 server/enterprise_edition_64-bit
version/microsoft windows nt/xp_tablet_pc-sp1
version/microsoft windows nt/datacenter_server-sp2
version/microsoft windows nt/datacenter_server
version/microsoft windows terminal services using rdp/sp1
version/microsoft windows nt/xp_tablet_pc
version/microsoft windows xp/sp2
version/microsoft windows server 2003/web_edition_sp1
version/microsoft windows nt/xp-sp2
version/microsoft windows server 2003/datacenter_sp1
version/microsoft windows 2003 server/enterprise_edition
version/microsoft windows terminal services using rdp/none
version/microsoft windows 2000 advanced server/sp2
version/microsoft windows nt/datacenter_server-sp1
version/microsoft windows 2003 server/datacenter_edition
version/microsoft windows nt/datacenter_server-sp3
version/microsoft windows 2000/sp2
version/microsoft windows terminal services using rdp/sp3

CVE-2006-0005: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2006-0005?

How do I fix CVE-2006-0005?

What versions of Windows are affected by CVE-2006-0005?

What type of attack does CVE-2006-0005 facilitate?

Is CVE-2006-0005 browser-dependent?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2006-0005?

How do I fix CVE-2006-0005?

What versions of Windows are affected by CVE-2006-0005?

What type of attack does CVE-2006-0005 facilitate?

Is CVE-2006-0005 browser-dependent?