Lucene search

[email protected]CVE-2006-3600

HistoryJul 18, 2006 - 3:37 p.m.

CVE-2006-3600

2006-07-1815:37:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2006-3600

remote code execution

buffer overflow

denial of service

libtunepimp

7.2 High

AI Score

Confidence

High

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.084 Low

EPSS

Percentile

94.3%

JSON

Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp (TunePimp) 0.4.2 allow remote user-assisted attackers to cause a denial of service (application crash) and possibly execute code via a long (1) Album release date (MBE_ReleaseGetDate), (2) data, or (3) error strings.

CPENameOperatorVersion
libtunepimp:libtunepimplibtunepimpeq0.4.2

CPE	Name	Operator	Version
libtunepimp:libtunepimp	libtunepimp	eq	0.4.2

References

bugs.musicbrainz.org/ticket/1764

secunia.com/advisories/21026

secunia.com/advisories/21027

secunia.com/advisories/21106

secunia.com/advisories/21277

secunia.com/advisories/21323

security.gentoo.org/glsa/glsa-200607-11.xml

securitytracker.com/id?1016539

www.debian.org/security/2006/dsa-1135

www.mandriva.com/security/advisories?name=MDKSA-2006:126

www.osvdb.org/27094

www.securityfocus.com/bid/18961

www.ubuntu.com/usn/usn-318-1

www.vupen.com/english/advisories/2006/2785

exchange.xforce.ibmcloud.com/vulnerabilities/27728

7.2 High

AI Score

Confidence

High

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.084 Low

EPSS

Percentile

94.3%

JSON

Related for CVE-2006-3600

openvas2 nessus4 ubuntucve1 gentoo1 debian1 cve1