Arbitrary Code Execution in Microsoft Terminal Server for Local Users
CVE-2006-4465

Currently unrated

Key Information:

Vendor

Microsoft
Status
Terminal Server
Vendor
CVE Published:
31 August 2006

What is CVE-2006-4465?

Microsoft Terminal Server, under specific configurations where 'Start program at logon' and 'Override settings from user profile and Client Connection Manager wizard' are enabled, could be exploited by local users. By forcing an error in the Explorer environment, unauthorized code execution becomes possible. While these settings were designed for user convenience, they inadvertently expose the server to potential security risks, allowing malicious actors to leverage them for executing arbitrary code.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://wklpc.blogspot.com/2006/08/easy-ms-terminal-server...
x_refsource_MISC
http://www.securityfocus.com/archive/1/443428/100/200/thr...
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/443364/100/200/thr...
mailing-listx_refsource_BUGTRAQ

EPSS Score

23% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.