Vulnerability Details CVE-2006-3251
Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.019
EPSS Ranking 82.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/20800
- http://secunia.com/advisories/20846
- http://secunia.com/advisories/21146
- http://www.debian.org/security/2006/dsa-1114
- http://www.gentoo.org/security/en/glsa/glsa-200606-25.xml
- http://www.hashcash.org/source/CHANGELOG
- http://www.securityfocus.com/bid/18659
- http://www.vupen.com/english/advisories/2006/2551
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27422
- http://secunia.com/advisories/20800
- http://secunia.com/advisories/20846
- http://secunia.com/advisories/21146
- http://www.debian.org/security/2006/dsa-1114
- http://www.gentoo.org/security/en/glsa/glsa-200606-25.xml
- http://www.hashcash.org/source/CHANGELOG
- http://www.securityfocus.com/bid/18659
- http://www.vupen.com/english/advisories/2006/2551
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27422
Products affected by CVE-2006-3251
-
cpe:2.3:a:hashcash:hashcash:*
-
cpe:2.3:a:hashcash:hashcash:1.00
-
cpe:2.3:a:hashcash:hashcash:1.01
-
cpe:2.3:a:hashcash:hashcash:1.02
-
cpe:2.3:a:hashcash:hashcash:1.03
-
cpe:2.3:a:hashcash:hashcash:1.04
-
cpe:2.3:a:hashcash:hashcash:1.05
-
cpe:2.3:a:hashcash:hashcash:1.06
-
cpe:2.3:a:hashcash:hashcash:1.07
-
cpe:2.3:a:hashcash:hashcash:1.08
-
cpe:2.3:a:hashcash:hashcash:1.09
-
cpe:2.3:a:hashcash:hashcash:1.10
-
cpe:2.3:a:hashcash:hashcash:1.11
-
cpe:2.3:a:hashcash:hashcash:1.12
-
cpe:2.3:a:hashcash:hashcash:1.13
-
cpe:2.3:a:hashcash:hashcash:1.14
-
cpe:2.3:a:hashcash:hashcash:1.15
-
cpe:2.3:a:hashcash:hashcash:1.16
-
cpe:2.3:a:hashcash:hashcash:1.17
-
cpe:2.3:a:hashcash:hashcash:1.18
-
cpe:2.3:a:hashcash:hashcash:1.19