Lucene search

[email protected]CVE-2006-6940

HistoryJan 17, 2007 - 11:28 a.m.

CVE-2006-6940

2007-01-1711:28:00

[email protected]

web.nvd.nist.gov

buffer overflow

clsowa.cls

pop3

smtp

owa

pop2owa

vulnerability

remote code execution

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.035 Low

EPSS

Percentile

91.6%

JSON

Buffer overflow in the ParseHeader function in clsOWA.cls in POP3/SMTP to OWA (pop2owa) 1.1.3 allows remote attackers to execute arbitrary code via a long header in an e-mail message.

Affected configurations

NVD

Node

owaowaMatch1.1.3

CPENameOperatorVersion
owa:owaowaeq1.1.3

CPE	Name	Operator	Version
owa:owa	owa	eq	1.1.3

References

sourceforge.net/project/shownotes.php?release_id=473941&group_id=152204

sourceforge.net/tracker/index.php?func=detail&aid=1621688&group_id=152204&atid=783596

www.vupen.com/english/advisories/2007/0160

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

Low

0.035 Low

EPSS

Percentile

91.6%

JSON

Related for CVE-2006-6940

cvelist1 nvd1