CVE-2006-4438

Published Sep 20, 2006

Last updated 14 years ago

Overview

Description: Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header that contains a long directory name.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.4
Impact score: 4.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:doctor_web_ltd:dr.web:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D61774C-9B40-4670-8E9B-54C87A930129",
            "versionEndIncluding": "4.33_for_linux"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References