[email protected]CVE-2006-5856

HistoryDec 06, 2006 - 7:28 p.m.

CVE-2006-5856

2006-12-0619:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-5856

stack-based buffer overflow

adobe download manager

remote code execution

dm.ini file

aom file

8.1 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.816 High

EPSS

Percentile

98.4%

JSON

Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file.

CPENameOperatorVersion
adobe:download_manageradobe download managerle2.1

CPE	Name	Operator	Version
adobe:download_manager	adobe download manager	le	2.1

References

lists.grok.org.uk/pipermail/full-disclosure/2006-December/051114.html

research.eeye.com/html/advisories/published/AD20061205.html

secunia.com/advisories/23233

securitytracker.com/id?1017340

www.adobe.com/support/security/bulletins/apsb06-19.html

www.kb.cert.org/vuls/id/448569

www.securityfocus.com/archive/1/453636/100/0/threaded

www.securityfocus.com/archive/1/453755/100/0/threaded

www.securityfocus.com/bid/21453

www.vupen.com/english/advisories/2006/4867

www.zerodayinitiative.com/advisories/ZDI-06-044/

exchange.xforce.ibmcloud.com/vulnerabilities/30742

8.1 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.816 High

EPSS

Percentile

98.4%

JSON

Related for CVE-2006-5856

checkpoint_advisories1 cert1 kaspersky1 zdi1 cvelist1 nessus1