Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability."
Loading...
Loading...
Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability."
February 14, 2006
April 16, 2026
Every time one of our enrichment pipelines (NVD, MITRE cvelistV5, EPSS, CISA KEV, GHSA, OSV, vendor advisories) ran against this CVE. Most recent first.
Working exploit code is in the public domain (2 Exploit-DB entries). Defenders should treat patch urgency accordingly — public PoCs typically lead to mass-exploitation within 24-72 hours.
Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (2)
Open source ↗Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (1)
Open source ↗See which npm, PyPI, Go, and Maven packages are affected by CVE-2006-0021
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.