ID CVE-2006-5856
Summary Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file.
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:download_manager:-:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.41:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.44:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.48:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.49:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.60:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.63:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.87:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.90:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.91:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.97:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.99:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.100:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.102:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:1.6.2.103:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:2.0.0.363:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:2.0.0.518:*:*:*:*:*:*:*
  • cpe:2.3:a:adobe:download_manager:2.1:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 17-10-2018 - 21:45)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
  • Vector: NETWORK
  • Complexity: MEDIUM
  • Authentication: NONE
Impact
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL
  • Availability: PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 21453
bugtraq
  • 20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability
  • 20061207 ZDI-06-044: Adobe Download Manager AOM Parsing Buffer Overflow Vulnerability
cert-vn VU#448569
confirm http://www.adobe.com/support/security/bulletins/apsb06-19.html
fulldisc 20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability
misc
sectrack 1017340
secunia 23233
vupen ADV-2006-4867
xf adobe-download-aom-bo(30742)
Last major update 17-10-2018 - 21:45
Published 06-12-2006 - 19:28
Last modified 17-10-2018 - 21:45