What is CVE-2011-3406?

CVE-2011-3406 is a high-severity vulnerability in Microsoft Windows_7, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 8.8/10. Published 2011-12-14.

How severe is CVE-2011-3406?

High severity. CVSS v3 base score is 8.8 out of 10.

Buffer overflow in Microsoft Windows_7

CVE-2011-3406

Buffer overflow in Active Directory, Active Directory Application Mode (ADAM), and Active Directory Lightweight Directory Service (AD LDS) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008…

Vulnerability class: Buffer Overflow

EPSS: 0.435 (97.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Microsoft Windows_7
Microsoft Windows_server_2003
Microsoft Windows_server_2008 — versions r2
Microsoft Windows_vista
Microsoft Windows_xp
N/a — versions n/a

Weakness classification (CWE)

References

TA11-347A (US Government Resource, x_refsource_CERT, third-party-advisory)
MS11-095 (x_refsource_MS, vendor-advisory)
oval:org.mitre.oval:def:14037 (x_refsource_OVAL, signature, vdb-entry)

Frequently asked questions

What is CVE-2011-3406?: CVE-2011-3406 is a high-severity vulnerability in Microsoft Windows_7, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 8.8/10. Published 2011-12-14.
How severe is CVE-2011-3406?: High severity. CVSS v3 base score is 8.8 out of 10.