Lucene search

[email protected]CVE-2006-0559

HistoryApr 04, 2006 - 2:04 p.m.

CVE-2006-0559

2006-04-0414:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-0559

format string vulnerability

mcafee webshield

smtp server

remote code execution

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.776 High

EPSS

Percentile

98.2%

JSON

Format string vulnerability in the SMTP server for McAfee WebShield 4.5 MR2 and earlier allows remote attackers to execute arbitrary code via format strings in the domain name portion of a destination address, which are not properly handled when a bounce message is constructed.

CPENameOperatorVersion
mcafee:webshield_smtpmcafee webshield smtple4.5

CPE	Name	Operator	Version
mcafee:webshield_smtp	mcafee webshield smtp	le	4.5

References

secunia.com/advisories/19491

securityreason.com/securityalert/671

securitytracker.com/id?1015861

www.osvdb.org/24366

www.securityfocus.com/archive/1/429812/100/0/threaded

www.securityfocus.com/bid/16742

www.vupen.com/english/advisories/2006/1219

exchange.xforce.ibmcloud.com/vulnerabilities/25621

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.776 High

EPSS

Percentile

98.2%

JSON

Related for CVE-2006-0559

prion1 checkpoint_advisories1 securityvulns1