Vulnerability Details CVE-2006-4438
Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header that contains a long directory name.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.039
EPSS Ranking 87.9%
CVSS Severity
CVSS v2 Score 6.4
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049552.html
- http://secunia.com/advisories/22019
- http://www.securityfocus.com/bid/20119
- http://www.vupen.com/english/advisories/2006/3719
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049552.html
- http://secunia.com/advisories/22019
- http://www.securityfocus.com/bid/20119
- http://www.vupen.com/english/advisories/2006/3719
Products affected by CVE-2006-4438
-
cpe:2.3:a:doctor_web_ltd:dr.web:*