CVE-2006-4024
The CVE-2006-4024 vulnerability affects Festalon (versions 0.5.0–0.5.5), where FESTAHES_Load in pce/hes.c accepts a negative LoadAddr in a HES file. This value is used as an offset in a memcpy, enabling a buffer underflow that can crash the process and potentially allow arbitrary code execution b...