CVEDB API

Vulnerability Details CVE-2006-4654

Format string vulnerability in Easy Address Book Web Server 1.2 allows remote attackers to cause a denial of service (crash) or "compromise the server" via encoded format string specifiers in the query string.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.047

EPSS Ranking 88.9%

CVSS Severity

CVSS v2 Score 5.1

References

http://secunia.com/advisories/21959
http://securityreason.com/securityalert/1529
http://www.securityfocus.com/archive/1/445262/100/0/threaded
http://www.securityfocus.com/bid/19842
https://exchange.xforce.ibmcloud.com/vulnerabilities/28752
http://secunia.com/advisories/21959
http://securityreason.com/securityalert/1529
http://www.securityfocus.com/archive/1/445262/100/0/threaded
http://www.securityfocus.com/bid/19842
https://exchange.xforce.ibmcloud.com/vulnerabilities/28752

Products affected by CVE-2006-4654

Efs Software » Easy Address Book Web Server » Version: 1.2

cpe:2.3:a:efs_software:easy_address_book_web_server:1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-4654

Products

Pricing

Contact Us