Lucene search

Kaspersky LabKLA10416

HistoryJul 07, 2006 - 12:00 a.m.

KLA10416 ACE vulnerability in eBay Enhanced Picture Services

2006-07-0700:00:00

Kaspersky Lab

threats.kaspersky.com

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.13 Low

EPSS

Percentile

95.5%

JSON

A buffer overflow was found in eBay Enhanced Picture Services. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed HTML

Original advisories

Related products

eBay-Enhanced-Picture-Services-ActiveX-Control

CVE list

CVE-2006-1176 critical

Solution

Update to latest version

Impacts

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Affected Products

eBay Enhanced Picture Services versions earlier than 1.0.3.48

References

statistics.securelist.com/

threats.kaspersky.com/en/product/eBay-Enhanced-Picture-Services-ActiveX-Control/

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.13 Low

EPSS

Percentile

95.5%

JSON

Related for KLA10416