9.3

CVE-2006-4221

Exploit
Stack-based buffer overflow in the IBM Access Support eGatherer ActiveX control before 3.20.0284.0 allows remote attackers to execute arbitrary code via a long filename parameter to the RunEgatherer method.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmEgatherer Version2.0.16
IbmEgatherer Version2.42.243
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 8.41% 0.943
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/21528
Patch
Vendor Advisory
http://securityreason.com/securityalert/1424
http://securitytracker.com/id?1016705
http://www.eeye.com/html/research/advisories/AD20060816.html
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/380277
US Government Resource
http://www.securityfocus.com/archive/1/443471/100/0/threaded
http://www.securityfocus.com/archive/1/444899/100/100/threaded
http://www.securityfocus.com/bid/19554
Patch
Exploit
http://www.vupen.com/english/advisories/2006/3305
https://exchange.xforce.ibmcloud.com/vulnerabilities/28418