Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2006-6627

Опубликовано: 18 дек. 2006
Источник: nvd
CVSS2: 10
EPSS Низкий

Описание

Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivirus Plus, Internet Security, Mail Protection for Enterprises, and Online Scanner; and BitDefender products for Microsoft ISA Server and Exchange 5.5 through 2003; allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow, aka the "cevakrnl.xmd vulnerability."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:softwin:bitdefender:isa_server:*:*:*:*:*:*:*
cpe:2.3:a:softwin:bitdefender:ms_exchange_5.5:*:*:*:*:*:*:*
cpe:2.3:a:softwin:bitdefender:ms_exchange_2000:*:*:*:*:*:*:*
cpe:2.3:a:softwin:bitdefender:ms_exchange_2003:*:*:*:*:*:*:*
cpe:2.3:a:softwin:bitdefender_antivirus:*:*:*:*:*:*:*:*
cpe:2.3:a:softwin:bitdefender_antivirus:plus:*:*:*:*:*:*:*
cpe:2.3:a:softwin:bitdefender_internet_security:*:*:*:*:*:*:*:*
cpe:2.3:a:softwin:bitdefender_mail_protection:enterprises:*:*:*:*:*:*:*
cpe:2.3:a:softwin:bitdefender_online_scanner:*:*:*:*:*:*:*:*

EPSS

Процентиль: 93%
0.09863
Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

github логотип

GHSA-3gfm-x3mg-hww2

github
почти 4 года назад

Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivirus Plus, Internet Security, Mail Protection for Enterprises, and Online Scanner; and BitDefender products for Microsoft ISA Server and Exchange 5.5 through 2003; allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow, aka the "cevakrnl.xmd vulnerability."

EPSS

Процентиль: 93%
0.09863
Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other