Vulnerability Details CVE-2006-2366
ircp_io.c in libopenobex for ircp 1.2, when ircp is run with the -r option, does not prompt the user when overwriting files, which allows user-assisted remote attackers to overwrite dangerous files via an arbitrary destination file name in an OBEX File Transfer session.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.5%
CVSS Severity
CVSS v2 Score 2.6
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366484
- http://secunia.com/advisories/20302
- http://www.securityfocus.com/bid/17921
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26686
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366484
- http://secunia.com/advisories/20302
- http://www.securityfocus.com/bid/17921
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26686