Lucene search

K
jvnJapan Vulnerability NotesJVN:74294680
HistoryApr 21, 2006 - 12:00 a.m.

JVN#74294680 Winny buffer overflow vulnerability

2006-04-2100:00:00
Japan Vulnerability Notes
jvn.jp
8

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.358 Low

EPSS

Percentile

97.2%

Impact

If a remote attacker sends a malicious packet, Winny will crash.
It is publicly reported that arbitrary code may be executed with the privilege running Winny.

Solution

Products Affected

  • Winny 2.0 b7.1 and earlier
    As of May 25, 2006, exploit information is publicly available. Currently we are not aware of any attacks. It is recommended that users avoid using Winny.

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.358 Low

EPSS

Percentile

97.2%