NetMeeting Memory Corruption Bug Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1016238 |
|
SecurityTracker URL: http://securitytracker.com/id/1016238
|
|
CVE Reference:
CVE-2006-2919
(Links to External Site)
|
Updated: May 22 2009
|
Original Entry Date: Jun 7 2006
|
Impact:
Denial of service via network, Execution of arbitrary code via network, User access via network
|
|
Version(s): 3.01
|
Description:
A vulnerability was reported in NetMeeting. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to overwrite memory on the target system and cause the target service to crash. It may also be possible to execute arbitrary code.
HexView discovered this vulnerability.
The vendor was notified on June 4, 2005.
The original advisory is available at:
http://www.hexview.com/docs/20060606-1.txt
|
Impact:
A remote user can cause denial of service conditions.
A remote user may be able to execute arbitrary code on the target system.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: www.microsoft.com/ (Links to External Site)
|
Cause:
Input validation error
|
Underlying OS:
Windows (2000), Windows (XP)
|
|
Message History:
None.
|
Source Message Contents
|
|
|
[Original Message Not Available for Viewing]
|
|
