1. CVE-Search
  2. CVE-2006-4626
ID CVE-2006-4626
Summary Heap-based buffer overflow in alwil avast! Anti-virus Engine before 4.7.869 allows remote attackers to execute arbitrary code via a crafted LHA file that contains extended headers with file and directory names whose concatenation triggers the overflow. This vulnerability is addressed in the following product releases: ALWIL, avast! antivirus, 4.7.869 (for Desktops) ALWIL, avast! antivirus, Server 4.7.660 (for Servers)
References
Vulnerable Configurations
  • cpe:2.3:a:alwil:avast_antivirus:4.0.168:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.0.168:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.0.172:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.0.172:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.0.183:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.0.183:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.0.202:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.0.202:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.0.211:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.0.211:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.0.229:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.0.229:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.0.235:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.0.235:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.260:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.260:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.268:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.268:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.278:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.278:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.287:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.287:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.289:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.289:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.304:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.304:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.319:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.319:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.335:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.335:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.342:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.342:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.357:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.357:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.389:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.389:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.396:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.396:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.412:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.412:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.418:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.418:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.1.501:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.1.501:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.5.518:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.5.518:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.5.549:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.5.549:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.5.561:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.5.561:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:*:*:server:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:*:*:server:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.6.603:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.6.603:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:4.6.623:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:4.6.623:*:*:*:*:*:*:*
  • cpe:2.3:a:alwil:avast_antivirus:*:*:*:*:*:*:*:*
    cpe:2.3:a:alwil:avast_antivirus:*:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 08-03-2011 - 02:41)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 19903
misc http://www.hustlelabs.com/advisories/04072006_alwil.pdf
secunia 21794
vupen ADV-2006-3515
Last major update 08-03-2011 - 02:41
Published 07-09-2006 - 21:04
Last modified 08-03-2011 - 02:41
Back to Top