Lucene search

[email protected]CVE-2006-5656

HistoryNov 03, 2006 - 12:07 a.m.

CVE-2006-5656

2006-11-0300:07:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2006-5656

memory leak

vilistextum

denial of service

vulnerability

nvd

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.012 Low

EPSS

Percentile

84.7%

JSON

Memory leak in the push_align function in src/util.c in Vilistextum before 2.6.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the tmp_align variable. NOTE: it is not clear whether this is a vulnerability, due to the functionality of the product.

CPENameOperatorVersion
vilistextum:vilistextumvilistextumeq2.6.7
vilistextum:vilistextumvilistextumeq2.6.6

CPE	Name	Operator	Version
vilistextum:vilistextum	vilistextum	eq	2.6.7
vilistextum:vilistextum	vilistextum	eq	2.6.6

References

sourceforge.net/forum/forum.php?forum_id=626024

www.securityfocus.com/bid/20813

www.vupen.com/english/advisories/2006/4253

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.012 Low

EPSS

Percentile

84.7%

JSON