CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-6627

Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivirus Plus, Internet Security, Mail Protection for Enterprises, and Online Scanner; and BitDefender products for Microsoft ISA Server and Exchange 5.5 through 2003; allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow, aka the "cevakrnl.xmd vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.095

EPSS Ranking 92.4%

CVSS Severity

CVSS v2 Score 10.0

References

Products affected by CVE-2006-6627

Softwin » Bitdefender » Version: isa_server

cpe:2.3:a:softwin:bitdefender:isa_server
Softwin » Bitdefender » Version: ms_exchange_2000

cpe:2.3:a:softwin:bitdefender:ms_exchange_2000
Softwin » Bitdefender » Version: ms_exchange_2003

cpe:2.3:a:softwin:bitdefender:ms_exchange_2003
Softwin » Bitdefender » Version: ms_exchange_5.5

cpe:2.3:a:softwin:bitdefender:ms_exchange_5.5
Softwin » Bitdefender Antivirus » Version: Any

cpe:2.3:a:softwin:bitdefender_antivirus:*
Softwin » Bitdefender Antivirus » Version: plus

cpe:2.3:a:softwin:bitdefender_antivirus:plus
Softwin » Bitdefender Internet Security » Version: Any

cpe:2.3:a:softwin:bitdefender_internet_security:*
Softwin » Bitdefender Mail Protection » Version: enterprises

cpe:2.3:a:softwin:bitdefender_mail_protection:enterprises
Softwin » Bitdefender Online Scanner » Version: Any

cpe:2.3:a:softwin:bitdefender_online_scanner:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-6627

Products

Pricing

Contact Us