Description
Double free vulnerability in isode.eddy in Isode M-Vault Server 11.3 allows remote attackers to execute arbitrary code via a crafted LDAP request, as demonstrated by ProtoVer Sample LDAP.
Affected Software
{"id": "CVE-2006-0710", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2006-0710", "description": "Double free vulnerability in isode.eddy in Isode M-Vault Server 11.3 allows remote attackers to execute arbitrary code via a crafted LDAP request, as demonstrated by ProtoVer Sample LDAP.", "published": "2006-02-15T11:06:00", "modified": "2017-07-20T01:30:00", "epss": [{"cve": "CVE-2006-0710", "epss": 0.19213, "percentile": 0.95648, "modified": "2023-10-02"}], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0710", "reporter": "cve@mitre.org", "references": ["http://lists.immunitysec.com/pipermail/dailydave/2006-February/002925.html", "http://www.securityfocus.com/bid/16635", "http://secunia.com/advisories/18818", "http://www.vupen.com/english/advisories/2006/0567", "https://exchange.xforce.ibmcloud.com/vulnerabilities/24700"], "cvelist": ["CVE-2006-0710"], "immutableFields": [], "lastseen": "2023-10-02T19:17:43", "viewCount": 23, "enchantments": {"dependencies": {"references": [], "rev": 4}, "score": {"value": 8.1, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "affected_software": {"major_version": [{"name": "isode m-vault server", "version": 11}]}, "epss": [{"cve": "CVE-2006-0710", "epss": 0.19213, "percentile": 0.9551, "modified": "2023-05-07"}], "vulnersScore": 8.1}, "_state": {"dependencies": 1696274367, "score": 1696274823, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "6d51ca6db0f166fa9f97f00cd1e5273c"}, "cna_cvss": {"cna": "mitre", "cvss": {}}, "cpe": ["cpe:/a:isode:m-vault_server:11.3"], "cpe23": ["cpe:2.3:a:isode:m-vault_server:11.3:*:*:*:*:*:*:*"], "cwe": ["CWE-119"], "affectedSoftware": [{"cpeName": "isode:m-vault_server", "version": "11.3", "operator": "eq", "name": "isode m-vault server"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:isode:m-vault_server:11.3:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "http://lists.immunitysec.com/pipermail/dailydave/2006-February/002925.html", "name": "[Dailydave] 20060213 eddy 0day", "refsource": "MLIST", "tags": []}, {"url": "http://www.securityfocus.com/bid/16635", "name": "16635", "refsource": "BID", "tags": ["Exploit"]}, {"url": "http://secunia.com/advisories/18818", "name": "18818", "refsource": "SECUNIA", "tags": ["Vendor Advisory"]}, {"url": "http://www.vupen.com/english/advisories/2006/0567", "name": "ADV-2006-0567", "refsource": "VUPEN", "tags": []}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24700", "name": "isode-mvault-ldap-dos(24700)", "refsource": "XF", "tags": []}], "product_info": [{"vendor": "Isode", "product": "M-vault_server"}], "solutions": [], "workarounds": [], "impacts": [], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "exploits": [], "assigned": "2006-02-15T00:00:00"}
{}
CVE-2006-0710