Lucene search

MitreCVE-2006-5856

HistoryDec 06, 2006 - 7:28 p.m.

CVE-2006-5856

2006-12-0619:28:00

mitre

web.nvd.nist.gov

cve-2006-5856

stack-based buffer overflow

adobe download manager

remote code execution

dm.ini file

aom file

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.816

Percentile

98.4%

JSON

Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file.

Affected configurations

Nvd

Node

adobedownload_managerRange≤2.1

VendorProductVersionCPE
adobedownload_manager*cpe:2.3:a:adobe:download_manager:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	download_manager	*	cpe:2.3:a:adobe:download_manager::::::::

References

lists.grok.org.uk/pipermail/full-disclosure/2006-December/051114.html

research.eeye.com/html/advisories/published/AD20061205.html

secunia.com/advisories/23233

securitytracker.com/id?1017340

www.adobe.com/support/security/bulletins/apsb06-19.html

www.kb.cert.org/vuls/id/448569

www.securityfocus.com/archive/1/453636/100/0/threaded

www.securityfocus.com/archive/1/453755/100/0/threaded

www.securityfocus.com/bid/21453

www.vupen.com/english/advisories/2006/4867

www.zerodayinitiative.com/advisories/ZDI-06-044/

exchange.xforce.ibmcloud.com/vulnerabilities/30742

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.8

Confidence

Low

EPSS

0.816

Percentile

98.4%

JSON

Related for CVE-2006-5856