CVE-2006-2409

EPSS 0.89%
Veröffentlicht 16.05.2006 10:02:00
Zuletzt bearbeitet 16.06.2026 22:24:57
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter, which are not properly handled in a call to raydium_console_line_add.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 11

NVD 27 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Raydium ≫ Raydium Versionsvn_revision_283

Raydium ≫ Raydium Versionsvn_revision_284

Raydium ≫ Raydium Versionsvn_revision_285

Raydium ≫ Raydium Versionsvn_revision_286

Raydium ≫ Raydium Versionsvn_revision_287

Raydium ≫ Raydium Versionsvn_revision_288

Raydium ≫ Raydium Versionsvn_revision_289

Raydium ≫ Raydium Versionsvn_revision_290

Raydium ≫ Raydium Versionsvn_revision_291

Raydium ≫ Raydium Versionsvn_revision_292

Raydium ≫ Raydium Versionsvn_revision_293

Raydium ≫ Raydium Versionsvn_revision_294

Raydium ≫ Raydium Versionsvn_revision_295

Raydium ≫ Raydium Versionsvn_revision_296

Raydium ≫ Raydium Versionsvn_revision_297

Raydium ≫ Raydium Versionsvn_revision_298

Raydium ≫ Raydium Versionsvn_revision_299

Raydium ≫ Raydium Versionsvn_revision_300

Raydium ≫ Raydium Versionsvn_revision_301

Raydium ≫ Raydium Versionsvn_revision_302

Raydium ≫ Raydium Versionsvn_revision_303

Raydium ≫ Raydium Versionsvn_revision_304

Raydium ≫ Raydium Versionsvn_revision_305

Raydium ≫ Raydium Versionsvn_revision_306

Raydium ≫ Raydium Versionsvn_revision_307

Raydium ≫ Raydium Versionsvn_revision_308

Raydium ≫ Raydium Versionsvn_revision_309

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.89%	0.548

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-134 Use of Externally-Controlled Format String

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

http://aluigi.altervista.org/adv/raydiumx-adv.txt

Vendor Advisory

http://raydium.org/svn.php

http://secunia.com/advisories/20097

Patch

Vendor Advisory

http://securityreason.com/securityalert/900

http://www.securityfocus.com/archive/1/433930/100/0/threaded

http://www.securityfocus.com/bid/17986

http://www.vupen.com/english/advisories/2006/1808

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/26514

https://nvd.nist.gov/vuln/detail/CVE-2006-2409

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-2409

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-2409

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2006-2409