VAR-200608-0200
Vulnerability from variot - Updated: 2025-04-03 22:10Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) w22n51.sys, (3) w29n50.sys, and (4) w29n51.sys Microsoft Windows drivers for Intel 2200BG and 2915ABG PRO/Wireless Network Connection before 10.5 with driver 9.0.4.16 allows remote attackers to execute arbitrary code via certain frames that trigger memory corruption. Microsoft Windows drivers for Intel Centrino wireless adapters fail to properly handle malformed frames. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. An attacker within range of a vulnerable Wi-Fi station can trigger these issues to corrupt memory to execute code with kernel-level privileges. A successful attack can result in a complete compromise of the affected computer. Intel PRO/Wireless 2200BG and 2915ABG versions prior to 10.5 with driver version 9.0.4.16 for Windows are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200608-0200",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "2200bg proset wireless",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "10"
},
{
"model": "2915abg proset wireless",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "9"
},
{
"model": "2200bg proset wireless",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "8"
},
{
"model": "2915abg proset wireless",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "10"
},
{
"model": "2200bg proset wireless",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "9"
},
{
"model": "2915abg proset wireless",
"scope": "eq",
"trust": 1.6,
"vendor": "intel",
"version": "8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dell computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "intel centrino",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a4\u30f3\u30c6\u30eb",
"version": "2200bg"
},
{
"model": "intel centrino",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30a4\u30f3\u30c6\u30eb",
"version": "2915abg pro"
},
{
"model": "vaio",
"scope": null,
"trust": 0.8,
"vendor": "\u30bd\u30cb\u30fc\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"model": "flora",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u7acb",
"version": null
},
{
"model": "celsius\u30ef\u30fc\u30af\u30b9\u30c6\u30fc\u30b7\u30e7\u30f3",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "fmv-lifebook",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "pro/wireless 2915abg",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9"
},
{
"model": "pro/wireless 2915abg",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10"
},
{
"model": "pro/wireless 2200bg",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "9"
},
{
"model": "pro/wireless 2200bg",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "8"
},
{
"model": "pro/wireless 2200bg",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "10"
},
{
"model": "pro/wireless 2915abg driver",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "10.59.0.4.16"
},
{
"model": "pro/wireless 2200bg driver",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "10.59.0.4.16"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#230208"
},
{
"db": "BID",
"id": "19298"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000929"
},
{
"db": "CNNVD",
"id": "CNNVD-200608-069"
},
{
"db": "NVD",
"id": "CVE-2006-3992"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:intel:centrino",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:sony:vaio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:hitachi:flora",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fujitsu:celsius_workstation",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:fujitsu:fmv-lifebook",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000929"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intelhttp://www.intel.com/",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200608-069"
}
],
"trust": 0.6
},
"cve": "CVE-2006-3992",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CVE-2006-3992",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-20100",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2006-3992",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#230208",
"trust": 0.8,
"value": "12.72"
},
{
"author": "NVD",
"id": "CVE-2006-3992",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200608-069",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-20100",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#230208"
},
{
"db": "VULHUB",
"id": "VHN-20100"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000929"
},
{
"db": "CNNVD",
"id": "CNNVD-200608-069"
},
{
"db": "NVD",
"id": "CVE-2006-3992"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the Centrino (1) w22n50.sys, (2) w22n51.sys, (3) w29n50.sys, and (4) w29n51.sys Microsoft Windows drivers for Intel 2200BG and 2915ABG PRO/Wireless Network Connection before 10.5 with driver 9.0.4.16 allows remote attackers to execute arbitrary code via certain frames that trigger memory corruption. Microsoft Windows drivers for Intel Centrino wireless adapters fail to properly handle malformed frames. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. \nAn attacker within range of a vulnerable Wi-Fi station can trigger these issues to corrupt memory to execute code with kernel-level privileges. \nA successful attack can result in a complete compromise of the affected computer. \nIntel PRO/Wireless 2200BG and 2915ABG versions prior to 10.5 with driver version 9.0.4.16 for Windows are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3992"
},
{
"db": "CERT/CC",
"id": "VU#230208"
},
{
"db": "BID",
"id": "19298"
},
{
"db": "VULHUB",
"id": "VHN-20100"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#230208",
"trust": 3.3
},
{
"db": "BID",
"id": "19298",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2006-3992",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1016621",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2006-3100",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000929",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200608-069",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-20100",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#230208"
},
{
"db": "VULHUB",
"id": "VHN-20100"
},
{
"db": "BID",
"id": "19298"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000929"
},
{
"db": "CNNVD",
"id": "CNNVD-200608-069"
},
{
"db": "NVD",
"id": "CVE-2006-3992"
}
]
},
"id": "VAR-200608-0200",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-20100"
}
],
"trust": 0.79242424
},
"last_update_date": "2025-04-03T22:10:26.327000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.intel.com/"
},
{
"title": "Intel Wireless LAN \u30c7\u30d0\u30a4\u30b9\u3092\u3054\u4f7f\u7528\u306e\u304a\u5ba2\u69d8\u3078\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u306e\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://vcl.vaio.sony.co.jp/notices/security/info222.html"
},
{
"title": "\u3010\u91cd\u8981\u3011Intel\u793e\u88fd\u7121\u7ddaLAN\u30c9\u30e9\u30a4\u30d0\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/Prod/comp/OSD/pc/flora/information/info0608111.html"
},
{
"title": "[\u7dca\u6025] Intel\u793e\u88fd\u7121\u7dda\uff08\u30ef\u30a4\u30e4\u30ec\u30b9\uff09LAN\u30c9\u30e9\u30a4\u30d0\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/intel/wlan.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-000929"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-3992"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/19298"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/230208"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1016621"
},
{
"trust": 2.0,
"url": "http://support.intel.com/support/wireless/wlan/sb/cs-023065.htm"
},
{
"trust": 1.4,
"url": "http://www.frsirt.com/english/advisories/2006/3100"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/3100"
},
{
"trust": 0.8,
"url": "http://security-center.intel.com/advisory.aspx?intelid=intel-sa-00001\u0026languageid=en-fr"
},
{
"trust": 0.8,
"url": "http://support.intel.com/support/wireless/wlan/sb/cs-005905.htm"
},
{
"trust": 0.8,
"url": "http://support.intel.com/support/wireless/wlan/sb/cs-010623.htm"
},
{
"trust": 0.8,
"url": "http://downloadmirror.intel.com/df-support/11141/eng/relnotes.htm"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/archive-082006.html#00000940"
},
{
"trust": 0.8,
"url": "http://www.f-secure.com/weblog/archives/archive-082006.html#00000938"
},
{
"trust": 0.8,
"url": "ftp://download.intel.com/support/wireless/wlan/sb/3945abgug.pdf"
},
{
"trust": 0.8,
"url": "http://support.intel.com/support/wireless/wlan/pro2200bg/"
},
{
"trust": 0.8,
"url": "ftp://download.intel.com/support/wireless/wlan/pro2200bg/2200bgug.pdf"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/q-268.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-3992"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu230208/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-3992"
},
{
"trust": 0.3,
"url": "http://www.intel.com/network/connectivity/products/wireless/prowireless_mobile.htm"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#230208"
},
{
"db": "VULHUB",
"id": "VHN-20100"
},
{
"db": "BID",
"id": "19298"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000929"
},
{
"db": "CNNVD",
"id": "CNNVD-200608-069"
},
{
"db": "NVD",
"id": "CVE-2006-3992"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#230208"
},
{
"db": "VULHUB",
"id": "VHN-20100"
},
{
"db": "BID",
"id": "19298"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-000929"
},
{
"db": "CNNVD",
"id": "CNNVD-200608-069"
},
{
"db": "NVD",
"id": "CVE-2006-3992"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-08-07T00:00:00",
"db": "CERT/CC",
"id": "VU#230208"
},
{
"date": "2006-08-05T00:00:00",
"db": "VULHUB",
"id": "VHN-20100"
},
{
"date": "2006-08-02T00:00:00",
"db": "BID",
"id": "19298"
},
{
"date": "2008-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000929"
},
{
"date": "2006-08-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200608-069"
},
{
"date": "2006-08-05T00:04:00",
"db": "NVD",
"id": "CVE-2006-3992"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-05-31T00:00:00",
"db": "CERT/CC",
"id": "VU#230208"
},
{
"date": "2011-03-08T00:00:00",
"db": "VULHUB",
"id": "VHN-20100"
},
{
"date": "2006-08-08T05:36:00",
"db": "BID",
"id": "19298"
},
{
"date": "2008-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-000929"
},
{
"date": "2006-08-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200608-069"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2006-3992"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200608-069"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel Centrino wireless network drivers fail to properly handle malformed frames",
"sources": [
{
"db": "CERT/CC",
"id": "VU#230208"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "19298"
},
{
"db": "CNNVD",
"id": "CNNVD-200608-069"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…