CVE-2006-0339 - Buffer overflow in BitComet Client 0.60 allows remote attackers to execute arbitrary code, when the

CVE-2006-0339

Summary

Buffer overflow in BitComet Client 0.60 allows remote attackers to execute arbitrary code, when the publisher's name link is clicked, via a long publisher URI in a torrent file.

References

Vulnerable Configurations

cpe:2.3:a:bitcomet:bitcomet:0.60:*:*:*:*:*:*:*
cpe:2.3:a:bitcomet:bitcomet:0.60:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 19-10-2018 - 15:44)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	16311
bugtraq	20060118 Fortinet Advisory: BitComet URI Buffer Overflow Vulnerability 20060122 BitComet URI Proof of Concept
confirm	http://www.bitcomet.com/doc/changelog.htm
fulldisc	20060118 Fortinet Advisory: BitComet URI Buffer Overflow Vulnerability
misc	http://www.fortinet.com/FortiGuardCenter/FSA-2006-07.html
osvdb	22625
secunia	18522
sreason	357
vupen	ADV-2006-0251
xf	bitcomet-torrent-publisher-bo(24229)

Last major update

19-10-2018 - 15:44

Published

21-01-2006 - 00:03

Last modified

19-10-2018 - 15:44