CVE-2006-3445 - Unswayed People
Description
Integer overflow in the ReadWideString function in agentdpv.dll in Microsoft Agent on Microsoft Windows 2000 SP4 XP SP2 and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a large length value in an .ACF file which results in a heap-based buffer overflow.
Reference
http://secunia.com/advisories/22878 http://www.us-cert.gov/cas/techalerts/TA06-318A.html http://www.kb.cert.org/vuls/id/810772 http://www.securityfocus.com/bid/21034 http://securitytracker.com/id?1017222 http://www.coseinc.com/alert.html http://www.vupen.com/english/advisories/2006/4506 https://exchange.xforce.ibmcloud.com/vulnerabilities/29945 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A154 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-068 http://www.securityfocus.com/archive/1/458558/100/0/threaded