// For flags

CVE-2006-2482

 

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Heap-based buffer overflow in the TZipTV component in (1) ZipTV for Delphi 7 2006.1.26 and for C++ Builder 2006-1.16, (2) PentaZip 8.5.1.190 and PentaSuite-PRO 8.5.1.221, and possibly other products, allows user-assisted attackers to execute arbitrary code via an ARJ archive with a long header. NOTE: the ACE archive vector is covered by CVE-2005-2856.

Desbordamiento de búfer basado en montón en el componente ZipTV en (1) ZipTV para Delphi 7 26/01/2006 y para C++ Builder 16/01/2006, (2) PentaZip 8.5.1.190 y PentaSuite-PRO 8.5.1.221,y posiblemente otros productos, permite a un atacante remoto con la complicidad del usuario ejecutar código de su elección a través de un archivo ARJ con una gran cabecera. NOTA: el archivo vector ACE está cubierto por CVE-2005-2856.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-05-19 CVE Reserved
  • 2006-09-08 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-04-27 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Microchip Data Systems
Search vendor "Microchip Data Systems"
Ziptv For C\+\+ Builder
Search vendor "Microchip Data Systems" for product "Ziptv For C\+\+ Builder"
2006.1.16
Search vendor "Microchip Data Systems" for product "Ziptv For C\+\+ Builder" and version "2006.1.16"
-
Affected
Microchip Data Systems
Search vendor "Microchip Data Systems"
Ziptv For Delphi 7
Search vendor "Microchip Data Systems" for product "Ziptv For Delphi 7"
2006.1.26
Search vendor "Microchip Data Systems" for product "Ziptv For Delphi 7" and version "2006.1.26"
-
Affected
Pentaware
Search vendor "Pentaware"
Pentasuite-pro
Search vendor "Pentaware" for product "Pentasuite-pro"
8.5.1.221
Search vendor "Pentaware" for product "Pentasuite-pro" and version "8.5.1.221"
-
Affected
Pentaware
Search vendor "Pentaware"
Pentazip
Search vendor "Pentaware" for product "Pentazip"
8.5.1.190
Search vendor "Pentaware" for product "Pentazip" and version "8.5.1.190"
-
Affected