CVE-2006-2910

Sažetak

Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed.

Reference

http://secunia.com/advisories/19456
http://secunia.com/secunia_research/2006-45/advisory/
http://www.securityfocus.com/bid/18825
http://www.vupen.com/english/advisories/2006/2667
https://exchange.xforce.ibmcloud.com/vulnerabilities/27593

CVSS

Base:	5.1
Impact:	6.4
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:H/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

20-07-2017 - 01:31

Objavljeno

05-07-2006 - 18:05