CVE-2006-0012
Summary
| CVE | CVE-2006-0012 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-04-12 00:02:00 UTC |
| Updated | 2019-04-30 14:27:00 UTC |
| Description | Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability." |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Microsoft | Windows 2000 | All | All | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp1 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp2 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp3 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp4 | All | All |
| Operating System | Microsoft | Windows 2000 | All | All | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp1 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp2 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp3 | All | All |
| Operating System | Microsoft | Windows 2000 | All | sp4 | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise | All | 64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | 64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | datacenter_64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard | All | 64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | standard | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise | All | 64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | 64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | datacenter_64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard | All | 64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | standard | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | sp1 | All | All |
| Operating System | Microsoft | Windows 98 | All | gold | All | All |
| Operating System | Microsoft | Windows 98 | All | gold | All | All |
| Operating System | Microsoft | Windows 98se | All | All | All | All |
| Operating System | Microsoft | Windows 98se | All | All | All | All |
| Operating System | Microsoft | Windows Me | All | All | All | All |
| Operating System | Microsoft | Windows Me | All | All | All | All |
| Operating System | Microsoft | Windows Xp | All | All | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | All | home | All |
| Operating System | Microsoft | Windows Xp | All | All | media_center | All |
| Operating System | Microsoft | Windows Xp | All | gold | professional | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | tablet_pc | All |
| Operating System | Microsoft | Windows Xp | All | All | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | All | home | All |
| Operating System | Microsoft | Windows Xp | All | All | media_center | All |
| Operating System | Microsoft | Windows Xp | All | gold | professional | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | tablet_pc | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Microsoft Windows Shell COM Object Remote Code Execution Vulnerability | BID | www.securityfocus.com | |
| US-CERT Technical Cyber Security Alert TA06-101A -- Microsoft Windows and Internet Explorer Vulnerabilities | CERT | www.us-cert.gov | US Government Resource |
| Microsoft Windows Explorer COM Object Handling Vulnerability - Advisories - Secunia | SECUNIA | secunia.com | Patch, Vendor Advisory |
| US-CERT Vulnerability Note VU#641460 | CERT-VN | www.kb.cert.org | Third Party Advisory, US Government Resource |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| SecurityTracker.com Archives - Microsoft Windows Explorer COM Object Bug Lets Remote Users Execute Arbitrary Code | SECTRACK | securitytracker.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| 24516 | OSVDB | www.osvdb.org | |
| Microsoft Security Bulletin MS06-015 - Critical | Microsoft Docs | MS | docs.microsoft.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.