Lucene search

[email protected]CVE-2006-3925

HistoryJul 28, 2006 - 11:04 p.m.

CVE-2006-3925

2006-07-2823:04:00

[email protected]

web.nvd.nist.gov

cve-2006-3925

itirecorder

micrecorder

activex

buffer overflow

interactual player

iarecord.dll

remote code execution

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

8.2 High

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.8%

JSON

Stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control in iarecord.dll in InterActual Player before 2.6 allows remote attackers to execute arbitrary code via a long argument to the Files method. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Affected configurations

NVD

Node

interactual_technologiesinteractual_playerRange≤2.60.12.0201

CPENameOperatorVersion
interactual_technologies:interactual_playerinteractual technologies interactual playerle2.60.12.0201

CPE	Name	Operator	Version
interactual_technologies:interactual_player	interactual technologies interactual player	le	2.60.12.0201

References

secunia.com/advisories/20845

www.securityfocus.com/bid/19205

www.vupen.com/english/advisories/2006/3016

exchange.xforce.ibmcloud.com/vulnerabilities/28055

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

8.2 High

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.8%

JSON

Related for CVE-2006-3925

nvd1 cvelist1