Unrated severityNVD Advisory· Published Mar 29, 2006· Updated Apr 16, 2026

CVE-2006-1476

Description

Windows Firewall in Microsoft Windows XP SP2 produces incorrect application block alerts when the application filename is ".exe" (with no characters before the "."), which might allow local user-assisted users to trick a user into unblocking a Trojan horse program, as demonstrated by a malicious ".exe" program in a folder named "Internet Explorer," which triggers a question about whether to unblock the "Internet Explorer" program.

Affected products

Microsoft/Windows Xp
cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
Microsoft/Windows XP Pro SP2llm-fuzzy
Range: = SP2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/archive/1/428970/100/0/threadednvd
www.securityfocus.com/archive/1/429111/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/25598nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.011
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000