Lucene search

[email protected]CVE-2006-3893

HistoryDec 04, 2006 - 11:28 a.m.

CVE-2006-3893

2006-12-0411:28:00

[email protected]

web.nvd.nist.gov

cve-2006-3893

buffer overflow

activex

newtone imagekit

casio photo loader

arbitrary code execution

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.074 Low

EPSS

Percentile

94.1%

JSON

Multiple buffer overflows in the ActiveX controls in Newtone ImageKit 5 before Fix 30 and 6 before Fix 40, as used in CASIO Photo Loader software before 3.01 and possibly other software, allow remote attackers to execute arbitrary code via a crafted HTML document.

Affected configurations

NVD

Node

casiophoto_loaderMatch3.00

newtoneimagekitMatch5_fix_29

newtoneimagekitMatch6_fix_40

CPENameOperatorVersion
casio:photo_loadercasio photo loadereq3.00
newtone:imagekitnewtone imagekiteq5_fix_29
newtone:imagekitnewtone imagekiteq6_fix_40

CPE	Name	Operator	Version
casio:photo_loader	casio photo loader	eq	3.00
newtone:imagekit	newtone imagekit	eq	5_fix_29
newtone:imagekit	newtone imagekit	eq	6_fix_40

References

secunia.com/advisories/23286

www.kb.cert.org/vuls/id/210697

www.securityfocus.com/bid/21375

www.vupen.com/english/advisories/2006/4794

www.vupen.com/english/advisories/2006/4795

exchange.xforce.ibmcloud.com/vulnerabilities/30680

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.074 Low

EPSS

Percentile

94.1%

JSON

Related for CVE-2006-3893

cert1 cvelist1 nvd1