CVE-2006-2378
Summary
| CVE | CVE-2006-2378 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-06-13 19:06:00 UTC |
| Updated | 2021-07-23 12:55:00 UTC |
| Description | Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Ie | 5.0.1 | All | All | All |
| Application | Microsoft | Ie | 5.0.1 | sp1 | All | All |
| Application | Microsoft | Ie | 5.0.1 | sp2 | All | All |
| Application | Microsoft | Ie | 5.0.1 | sp3 | All | All |
| Application | Microsoft | Ie | 5.0.1 | sp4 | All | All |
| Application | Microsoft | Ie | 6.0 | All | All | All |
| Application | Microsoft | Ie | 6.0 | sp1 | All | All |
| Application | Microsoft | Ie | 5.0.1 | All | All | All |
| Application | Microsoft | Ie | 5.0.1 | sp1 | All | All |
| Application | Microsoft | Ie | 5.0.1 | sp2 | All | All |
| Application | Microsoft | Ie | 5.0.1 | sp3 | All | All |
| Application | Microsoft | Ie | 5.0.1 | sp4 | All | All |
| Application | Microsoft | Ie | 6.0 | All | All | All |
| Application | Microsoft | Ie | 6.0 | sp1 | All | All |
| Application | Microsoft | Internet Explorer | 5.0.1 | All | All | All |
| Application | Microsoft | Internet Explorer | 5.0.1 | sp1 | All | All |
| Application | Microsoft | Internet Explorer | 5.0.1 | sp2 | All | All |
| Application | Microsoft | Internet Explorer | 5.0.1 | sp3 | All | All |
| Application | Microsoft | Internet Explorer | 5.0.1 | sp4 | All | All |
| Application | Microsoft | Internet Explorer | 6.0 | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | datacenter_64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | sp1 | All | enterprise | All |
| Operating System | Microsoft | Windows 2003 Server | standard | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | datacenter_edition_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | enterprise_edition_64-bit | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | r2 | All | datacenter_64-bit | All |
| Operating System | Microsoft | Windows 2003 Server | sp1 | All | enterprise | All |
| Operating System | Microsoft | Windows 2003 Server | standard | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard | sp1 | All | All |
| Operating System | Microsoft | Windows 2003 Server | standard_64-bit | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | All | All | All |
| Operating System | Microsoft | Windows 2003 Server | web | sp1 | All | All |
| Operating System | Microsoft | Windows Xp | All | All | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | All | home | All |
| Operating System | Microsoft | Windows Xp | All | All | media_center | All |
| Operating System | Microsoft | Windows Xp | All | gold | professional | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | tablet_pc | All |
| Operating System | Microsoft | Windows Xp | All | All | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | All | home | All |
| Operating System | Microsoft | Windows Xp | All | All | media_center | All |
| Operating System | Microsoft | Windows Xp | All | gold | professional | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | 64-bit | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp1 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | home | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | media_center | All |
| Operating System | Microsoft | Windows Xp | All | sp2 | tablet_pc | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Microsoft Windows Malformed ART Image Remote Code Execution Vulnerability | BID | www.securityfocus.com | Patch |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| 26432 | OSVDB | www.osvdb.org | |
| US-CERT Vulnerability Note VU#923236 | CERT-VN | www.kb.cert.org | Patch, US Government Resource |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Microsoft Security Bulletin MS06-022 - Critical | Microsoft Docs | MS | docs.microsoft.com | |
| Secunia - Advisories - Microsoft Windows ART Image Handling Buffer Overflow | SECUNIA | secunia.com | Vendor Advisory |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Accenture | Let there be change | IDEFENSE | www.idefense.com | |
| SecurityTracker.com Archives - Microsoft Windows Buffer Overflow in AOL ART Image Rendering Library Lets Remote Users Execute Arbitrary Code | SECTRACK | securitytracker.com | |
| US-CERT Technical Cyber Security Alert TA06-164A -- Microsoft Windows, Internet Explorer, Media Player, Word, PowerPoint, and Exchange Vulnerabilities | CERT | www.us-cert.gov | US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.