Lucene search

[email protected]CVE-2006-5850

HistoryNov 10, 2006 - 2:07 a.m.

CVE-2006-5850

2006-11-1002:07:00

[email protected]

web.nvd.nist.gov

cve-2006-5850

essentia web server

buffer overflow

remote code execution

windows

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.358 Low

EPSS

Percentile

97.2%

JSON

Stack-based buffer overflow in Essentia Web Server 2.15 for Windows allows remote attackers to execute arbitrary code via a long URI, as demonstrated by a GET or HEAD request. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

essenessentia_web_serverMatch2.15

CPENameOperatorVersion
essen:essentia_web_serveressen essentia web servereq2.15

CPE	Name	Operator	Version
essen:essentia_web_server	essen essentia web server	eq	2.15

References

lists.grok.org.uk/pipermail/full-disclosure/2006-November/050537.html

secunia.com/advisories/22718

securityreason.com/securityalert/1846

www.securityfocus.com/archive/1/451115/100/0/threaded

www.securityfocus.com/archive/1/451382/100/200/threaded

www.securityfocus.com/bid/20910

www.vupen.com/english/advisories/2006/4384

exchange.xforce.ibmcloud.com/vulnerabilities/30049

www.exploit-db.com/exploits/2716

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.358 Low

EPSS

Percentile

97.2%

JSON

Related for CVE-2006-5850

nvd1 cvelist1