CVE-2006-3209

Published: Jun 24, 2006Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

The Task scheduler (at.exe) on Microsoft Windows XP spawns each scheduled process with SYSTEM permissions, which allows local users to gain privileges. NOTE: this issue has been disputed by third parties, who state that the Task scheduler is limited to the Administrators group by default upon installation

Affected (1)

Products: Microsoft: Windows Xp

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows Xp	All versions

References (6)

http://securityreason.com/securityalert/1137

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/436810/100/200/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/436884/100/200/threaded

Source: cve@mitre.org

http://securityreason.com/securityalert/1137

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/436810/100/200/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/436884/100/200/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.