Denial of Service Vulnerability in Microsoft Distributed Transaction Coordinator
CVE-2006-1184

Currently unrated

Key Information:

Vendor: Microsoft
Status: Distributed Transaction Coordinator
Vendor: CVE Published:; 10 May 2006

Summary

The Microsoft Distributed Transaction Coordinator (MSDTC) is susceptible to a denial of service attack that may be exploited by remote attackers. By sending a specially crafted BuildContextW request featuring a large UuidString or GuidIn, attackers can trigger an out-of-bounds memory access, resulting in a system crash. This vulnerability affects various versions of Windows, including NT 4.0, 2000 SP4, XP SP1, XP SP2, and Server 2003, posing a significant risk of service disruption.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.eeye.com/html/research/advisories/AD20060509b....

x_refsource_MISC

http://www.osvdb.org/25336

vdb-entryx_refsource_OSVDB

EPSS Score

33% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 10, 2006
Vulnerability Reserved
Mar 13, 2006