CVE-2006-6753

CVE-2006-6753 is a medium-severity vulnerability in Microsoft Windows Event Viewer with a CVSS 2.0 base score of 4.1. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.

Key facts

Description

Event Viewer (eventvwr.exe) in Microsoft Windows does not properly display log data that contains '%' (percent) characters, which might make it impossible to use Event Viewer to determine the actual data that triggered an event, and might produce long strings that are not properly handled by certain processes that rely on Event Viewer.

Frequently asked questions

What is CVE-2006-6753?
Event Viewer (eventvwr.exe) in Microsoft Windows does not properly display log data that contains '%' (percent) characters, which might make it impossible to use Event Viewer to determine the actual data that triggered an event, and might produce long strings that are not properly handled by certain processes that rely on Event Viewer.
How severe is CVE-2006-6753?
CVE-2006-6753 has a CVSS 2.0 base score of 4.1, rated medium severity.
Is CVE-2006-6753 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (73rd percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2006-6753?
CVE-2006-6753 affects Microsoft Windows Event Viewer. See the affected-products list for the exact vulnerable versions.
How do I fix CVE-2006-6753?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2006-6753 published?
CVE-2006-6753 was published on 2006-12-27 and last updated on 2026-06-16.

References

Affected products (1)