Lucene search

[email protected]CVE-2006-2023

HistoryApr 25, 2006 - 8:06 p.m.

CVE-2006-2023

2006-04-2520:06:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-2023

nvd

fenice

rtsp

denial of service

application crash

integer overflow

7.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.068 Low

EPSS

Percentile

93.8%

JSON

Integer overflow in the RTSP_msg_len function in rtsp/RTSP_msg_len.c in Fenice 1.10 and earlier allows remote attackers to cause a denial of service (application crash) via a large HTTP Content-Length value, which leads to an invalid memory access.

CPENameOperatorVersion
ls3:fenicels3 fenicele1.10

CPE	Name	Operator	Version
ls3:fenice	ls3 fenice	le	1.10

References

aluigi.altervista.org/adv/fenicex-adv.txt

secunia.com/advisories/19770

securityreason.com/securityalert/794

www.osvdb.org/24882

www.securityfocus.com/archive/1/431870/100/0/threaded

www.securityfocus.com/archive/1/436256/100/0/threaded

www.securityfocus.com/bid/17678

www.vupen.com/english/advisories/2006/1491

exchange.xforce.ibmcloud.com/vulnerabilities/26080

7.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.068 Low

EPSS

Percentile

93.8%

JSON

Related for CVE-2006-2023

prion1 nessus1