5.1
CVE-2006-2085
- EPSS 4.14%
- Veröffentlicht 29.04.2006 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:24:19
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple buffer overflows in (1) CxAce60.dll and (2) CxAce60u.dll in SpeedProject Squeez 5.10 Build 4460, and SpeedCommander 10.52 Build 4450 and 11.01 Build 4450, allow user-assisted remote attackers to execute arbitrary code via an ACE archive that contains a file with a long filename.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Speedproject ≫ Speedcommander Version10.52_build4450
Speedproject ≫ Speedcommander Version11.01_build4450
Speedproject ≫ Squeez Version5.10_build_4460
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.14% | 0.895 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.1 | 4.9 | 6.4 |
AV:N/AC:H/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://secunia.com/advisories/19473
http://secunia.com/secunia_research/2006-23/advisory
http://securityreason.com/securityalert/820
http://securitytracker.com/id?1016002
http://securitytracker.com/id?1016003
http://www.osvdb.org/24990
http://www.securityfocus.com/archive/1/432101/100/0/threaded
http://www.securityfocus.com/bid/17709
http://www.speedproject.de/enu/
http://www.vupen.com/english/advisories/2006/1535
https://exchange.xforce.ibmcloud.com/vulnerabilities/26115