Vulnerability Details CVE-2006-4626
Heap-based buffer overflow in alwil avast! Anti-virus Engine before 4.7.869 allows remote attackers to execute arbitrary code via a crafted LHA file that contains extended headers with file and directory names whose concatenation triggers the overflow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.049
EPSS Ranking 89.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/21794
- http://www.hustlelabs.com/advisories/04072006_alwil.pdf
- http://www.securityfocus.com/bid/19903
- http://www.vupen.com/english/advisories/2006/3515
- http://secunia.com/advisories/21794
- http://www.hustlelabs.com/advisories/04072006_alwil.pdf
- http://www.securityfocus.com/bid/19903
- http://www.vupen.com/english/advisories/2006/3515
Products affected by CVE-2006-4626
-
cpe:2.3:a:alwil:avast_antivirus:*
-
cpe:2.3:a:alwil:avast_antivirus:4.0.168
-
cpe:2.3:a:alwil:avast_antivirus:4.0.172
-
cpe:2.3:a:alwil:avast_antivirus:4.0.183
-
cpe:2.3:a:alwil:avast_antivirus:4.0.202
-
cpe:2.3:a:alwil:avast_antivirus:4.0.211
-
cpe:2.3:a:alwil:avast_antivirus:4.0.229
-
cpe:2.3:a:alwil:avast_antivirus:4.0.235
-
cpe:2.3:a:alwil:avast_antivirus:4.1.260
-
cpe:2.3:a:alwil:avast_antivirus:4.1.268
-
cpe:2.3:a:alwil:avast_antivirus:4.1.278
-
cpe:2.3:a:alwil:avast_antivirus:4.1.287
-
cpe:2.3:a:alwil:avast_antivirus:4.1.289
-
cpe:2.3:a:alwil:avast_antivirus:4.1.304
-
cpe:2.3:a:alwil:avast_antivirus:4.1.319
-
cpe:2.3:a:alwil:avast_antivirus:4.1.335
-
cpe:2.3:a:alwil:avast_antivirus:4.1.342
-
cpe:2.3:a:alwil:avast_antivirus:4.1.357
-
cpe:2.3:a:alwil:avast_antivirus:4.1.389
-
cpe:2.3:a:alwil:avast_antivirus:4.1.396
-
cpe:2.3:a:alwil:avast_antivirus:4.1.412
-
cpe:2.3:a:alwil:avast_antivirus:4.1.418
-
cpe:2.3:a:alwil:avast_antivirus:4.1.501
-
cpe:2.3:a:alwil:avast_antivirus:4.5.518
-
cpe:2.3:a:alwil:avast_antivirus:4.5.549
-
cpe:2.3:a:alwil:avast_antivirus:4.5.561
-
cpe:2.3:a:alwil:avast_antivirus:4.6.603
-
cpe:2.3:a:alwil:avast_antivirus:4.6.623