CVE-2006-3840

The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode.

Published: 2006-07-27 Last update: 2026-04-16 Assigner: [email protected] Source: [email protected]

NVD Status：Modified，CVE State: published

View at NVD, CVE.org, EUVD

Conclusion & alert: CVE-2006-3840 is rated Moderate Risk (52.3/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 4.12%). Core evidence: EPSS rose +1.40% over the last day, indicating growing attacker interest. Mandatory action: Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2006-3840

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2025-08-20	2.73%	4.12%	+1.40%
2	2025-03-30	2.56%	2.73%	+0.16%
3	2025-03-29	—	2.56%	—

Full EPSS history (14 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2006-3840

CVSS metrics for this CVE.

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
5.0	2.0	MEDIUM	`AV:N/AC:L/Au:N/C:N/I:N/A:P` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:N) No confidentiality impact. Integrity impact (I:N) No integrity impact. Availability impact (A:P) Partial availability impact.	10.0	2.9	[email protected]

Weakness enumeration for CVE-2006-3840

CWE-399 MITRE ↗

Affected software / configurations for CVE-2006-3840

Vendor	Product	Version	Raw CPE
iss	blackice_pc_protection	3.6cpk	cpe:2.3:a:iss:blackice_pc_protection:3.6cpk:::::::*
iss	blackice_server_protection	3.6cpk	cpe:2.3:a:iss:blackice_server_protection:3.6cpk:::::::*
iss	proventia_desktop	8.0.675.1790	cpe:2.3:a:iss:proventia_desktop:8.0.675.1790:::::::*
iss	proventia_desktop	8.0.812.1790	cpe:2.3:a:iss:proventia_desktop:8.0.812.1790:::::::*
iss	realsecure_desktop	7.0epk	cpe:2.3:a:iss:realsecure_desktop:7.0epk:::::::*
iss	realsecure_network	7.0	cpe:2.3:a:iss:realsecure_network:7.0:::::::*
iss	realsecure_server_sensor	7.0	cpe:2.3:a:iss:realsecure_server_sensor:7.0:::::::*
iss	proventia_a_series_xpu	—	cpe:2.3:h:iss:proventia_a_series_xpu::::::::
iss	proventia_g_series_xpu	—	cpe:2.3:h:iss:proventia_g_series_xpu::::::::
iss	proventia_m_series_xpu	—	cpe:2.3:h:iss:proventia_m_series_xpu::::::::
iss	proventia_server	1.0.914.1880	cpe:2.3:h:iss:proventia_server:1.0.914.1880:::::::*

References for CVE-2006-3840

URL	Tags
http://secunia.com/advisories/21219	Vendor Advisory
http://securitytracker.com/id?1016590
http://securitytracker.com/id?1016591
http://securitytracker.com/id?1016592
http://www.nsfocus.com/english/homepage/research/0607.htm
http://www.securityfocus.com/archive/1/441278/100/0/threaded
http://www.securityfocus.com/bid/19178
http://www.vupen.com/english/advisories/2006/2996	Vendor Advisory
http://xforce.iss.net/xforce/alerts/id/230	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/27965
https://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=3630

cvelogic Threat Intelligence