Lucene search

[email protected]CVE-2006-4514

HistoryNov 30, 2006 - 11:28 p.m.

CVE-2006-4514

2006-11-3023:28:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2006-4514

gnome structured file

libgsf

buffer overflow

ole document

nvd

security vulnerability

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.2%

JSON

Heap-based buffer overflow in the ole_info_read_metabat function in Gnome Structured File library (libgsf) 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large num_metabat value in an OLE document, which causes the ole_init_info function to allocate insufficient memory.

CPENameOperatorVersion
libgsf:libgsflibgsfeq1.13.2
libgsf:libgsflibgsfeq1.14
libgsf:libgsflibgsfeq1.11.1
libgsf:libgsflibgsfeq1.14.1

CPE	Name	Operator	Version
libgsf:libgsf	libgsf	eq	1.13.2
libgsf:libgsf	libgsf	eq	1.14
libgsf:libgsf	libgsf	eq	1.11.1
libgsf:libgsf	libgsf	eq	1.14.1

References

ftp://patches.sgi.com/support/free/security/advisories/20070101-01-P.asc

labs.idefense.com/intelligence/vulnerabilities/display.php?id=446

lists.suse.com/archive/suse-security-announce/2006-Dec/0005.html

rhn.redhat.com/errata/RHSA-2007-0011.html

secunia.com/advisories/23164

secunia.com/advisories/23166

secunia.com/advisories/23167

secunia.com/advisories/23227

secunia.com/advisories/23337

secunia.com/advisories/23352

secunia.com/advisories/23355

secunia.com/advisories/23686

secunia.com/advisories/23920

security.gentoo.org/glsa/glsa-200612-13.xml

www.debian.org/security/2006/dsa-1221

www.mandriva.com/security/advisories?name=MDKSA-2006:220

www.securityfocus.com/archive/1/454389/30/9210/threaded

www.securityfocus.com/bid/21358

www.ubuntu.com/usn/usn-391-1

www.vupen.com/english/advisories/2006/4784

www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/30611

issues.rpath.com/browse/RPL-857

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9413

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.2%

JSON

Related for CVE-2006-4514

nessus10 openvas7 ubuntucve1 securityvulns1 debiancve1 oraclelinux1 gentoo1 centos1 cvelist1 redhat1 suse1 ubuntu1