CVE-2006-0051
Severity Score
5.1
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in playlistimport.cpp in Kaffeine Player 0.4.2 through 0.7.1 allows user-assisted attackers to execute arbitrary code via long HTTP request headers when Kaffeine is "fetching remote playlists", which triggers the overflow in the http_peek function.
Desbordamiento de búfer en playlistimport.cpp en Kaffein Player 0.4.2 a 0.7.1 permite a atacantes con implicación del usuario ejecutar código de su elección mediante peticiones HTTP largas cuando Kaffeine está "obteniendo listas de reproducción remotas", lo que que dispara un desbordamiento de búfer en la función http_peek.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2005-12-28 CVE Reserved
- 2006-04-05 CVE Published
- 2024-07-25 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (17)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/19540 | Third Party Advisory | |
| http://secunia.com/advisories/19542 | Third Party Advisory | |
| http://secunia.com/advisories/19549 | Third Party Advisory | |
| http://secunia.com/advisories/19557 | Third Party Advisory | |
| http://secunia.com/advisories/19571 | Third Party Advisory | |
| http://securitytracker.com/id?1015863 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/430319/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/17372 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2006/1229 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/25631 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/19525 | 2018-10-19 | |
| http://www.kde.org/info/security/advisory-20060404-1.txt | 2018-10-19 |
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2006/dsa-1023 | 2018-10-19 | |
| http://www.gentoo.org/security/en/glsa/glsa-200604-04.xml | 2018-10-19 | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2006:065 | 2018-10-19 | |
| http://www.novell.com/linux/security/advisories/2006_08_sr.html | 2018-10-19 | |
| https://usn.ubuntu.com/268-1 | 2018-10-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Kaffeine Search vendor "Kaffeine" | Kaffeine Player Search vendor "Kaffeine" for product "Kaffeine Player" | 0.4.2 Search vendor "Kaffeine" for product "Kaffeine Player" and version "0.4.2" | - |
Affected
| ||||||
| Kaffeine Search vendor "Kaffeine" | Kaffeine Player Search vendor "Kaffeine" for product "Kaffeine Player" | 0.4.3 Search vendor "Kaffeine" for product "Kaffeine Player" and version "0.4.3" | - |
Affected
| ||||||
| Kaffeine Search vendor "Kaffeine" | Kaffeine Player Search vendor "Kaffeine" for product "Kaffeine Player" | 0.4.3b Search vendor "Kaffeine" for product "Kaffeine Player" and version "0.4.3b" | - |
Affected
| ||||||
| Kaffeine Search vendor "Kaffeine" | Kaffeine Player Search vendor "Kaffeine" for product "Kaffeine Player" | 0.5_rc1 Search vendor "Kaffeine" for product "Kaffeine Player" and version "0.5_rc1" | - |
Affected
| ||||||
| Kaffeine Search vendor "Kaffeine" | Kaffeine Player Search vendor "Kaffeine" for product "Kaffeine Player" | 0.7.1 Search vendor "Kaffeine" for product "Kaffeine Player" and version "0.7.1" | - |
Affected
| ||||||