Lucene search

[email protected]CVE-2006-1176

HistoryJul 08, 2006 - 12:05 a.m.

CVE-2006-1176

2006-07-0800:05:00

[email protected]

web.nvd.nist.gov

cve-2006-1176

buffer overflow

ebay

eupwalcontrol.dll

remote code execution

html document

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.13 Low

EPSS

Percentile

95.6%

JSON

Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document.

Affected configurations

NVD

Node

ebayenhanced_picture_servicesRange≤1.0.3.36

CPENameOperatorVersion
ebay:enhanced_picture_servicesebay enhanced picture servicesle1.0.3.36

CPE	Name	Operator	Version
ebay:enhanced_picture_services	ebay enhanced picture services	le	1.0.3.36

References

secunia.com/advisories/20969

securitytracker.com/id?1016445

www.kb.cert.org/vuls/id/597721

www.kb.cert.org/vuls/id/MIMG-6QKPVH

www.securityfocus.com/bid/18921

www.vupen.com/english/advisories/2006/2698

exchange.xforce.ibmcloud.com/vulnerabilities/27631

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

High

0.13 Low

EPSS

Percentile

95.6%

JSON

Related for CVE-2006-1176

cert1 cvelist1 nvd1 kaspersky1 prion1