Lucene search

K
cve[email protected]CVE-2006-0051
HistoryApr 05, 2006 - 10:04 a.m.

CVE-2006-0051

2006-04-0510:04:00
web.nvd.nist.gov
30
cve-2006-0051
buffer overflow
kaffeine player
remote playlists
http request headers

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.038 Low

EPSS

Percentile

92.0%

Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through 0.7.1 allows user-assisted attackers to execute arbitrary code via long HTTP request headers when Kaffeine is “fetching remote playlists”, which triggers the overflow in the http_peek function.

Affected configurations

NVD
Node
kaffeinekaffeine_playerMatch0.4.2
OR
kaffeinekaffeine_playerMatch0.4.3
OR
kaffeinekaffeine_playerMatch0.4.3b
OR
kaffeinekaffeine_playerMatch0.5_rc1
OR
kaffeinekaffeine_playerMatch0.7.1

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.038 Low

EPSS

Percentile

92.0%