Unrated severityNVD Advisory· Published Jul 11, 2006· Updated Apr 16, 2026

CVE-2006-2372

Description

Buffer overflow in the DHCP Client service for Microsoft Windows 2000 SP4, Windows XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a crafted DHCP response.

Affected products

Microsoft/DHCP Client Service
cpe:2.3:a:microsoft:dhcp_client_service:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/21010nvdPatchVendor Advisory
www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_Microsoft_Windows_DHCP_Client_Service_Remote_Buffer_Overflow.pdfnvdPatch
www.securityfocus.com/bid/18923nvdPatch
www.kb.cert.org/vuls/id/257164nvdUS Government Resource
www.us-cert.gov/cas/techalerts/TA06-192A.htmlnvdUS Government Resource
archives.neohapsis.com/archives/fulldisclosure/2006-07/0222.htmlnvd
securityreason.com/securityalert/1201nvd
securitytracker.com/idnvd
www.osvdb.org/27151nvd
www.securityfocus.com/archive/1/439675/100/0/threadednvd
www.securityfocus.com/archive/1/444631/100/0/threadednvd
www.vupen.com/english/advisories/2006/2754nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-036nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A232nvd
www.exploit-db.com/exploits/2054nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.070
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000