CVE-2006-1900 - Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions

CVE-2006-1900

Summary

Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions including 8.x before 8.8.5, allow remote attackers to execute arbitrary code via a long value in (1) the COMPACT attribute of the COLGROUP element, (2) the ROWS attribute of the TEXTAREA element, and (3) the COLOR attribute of the LEGEND element; and via other unspecified attack vectors consisting of "dozens of possible snippets."

References

Vulnerable Configurations

cpe:2.3:a:w3c:amaya:9.4:*:*:*:*:*:*:*
cpe:2.3:a:w3c:amaya:9.4:*:*:*:*:*:*:*

CVSS

Base:	7.6 (as of 18-10-2018 - 16:37)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:H/Au:N/C:C/I:C/A:C

refmap via4

bid	17507
bugtraq	20060412 [BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 20060412 [BuHa-Security] Stack Based Buffer Overflow Vulnerability in Amaya 9.4 #2
misc	http://morph3us.org/advisories/20060412-amaya-94-2.txt http://morph3us.org/advisories/20060412-amaya-94.txt
osvdb	24623 24624
secunia	19670
vupen	ADV-2006-1351
xf	amaya-various-attribute-bo(25791)

Last major update

18-10-2018 - 16:37

Published

20-04-2006 - 10:02

Last modified

18-10-2018 - 16:37