CVE-2006-6627

 

Severity Score (CVSS v3): 7.8
Exploit Likelihood (EPSS):
Affected Versions (CPE):
Public Exploits (Multiple Sources): 0
Exploited in Wild (KEV): -
Decision (SSVC): -

Descriptions

Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivirus Plus, Internet Security, Mail Protection for Enterprises, and Online Scanner; and BitDefender products for Microsoft ISA Server and Exchange 5.5 through 2003; allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow, aka the "cevakrnl.xmd vulnerability."

Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivirus Plus, Internet Security, Mail Protection for Enterprises, and Online Scanner, and the BitDefender products for Microsoft ISA Server and Exchange 5.5 through 2003, allows remote attackers to execute arbitrary code via a modified file, which triggers a stack-based buffer overflow, also known as the "cevakrnl.xmd vulnerability."

*Credits: N/A
CVSS Scores
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Attack Vector: Network
Attack Complexity: Low
Authentication: None
Confidentiality: Complete
Integrity: Complete
Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2006-12-17 CVE Reserved
  • 2006-12-18 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor   Product                        Version           Other  Status
Softwin  Bitdefender                    isa_server        -      Affected
Softwin  Bitdefender                    ms_exchange_5.5   -      Affected
Softwin  Bitdefender                    ms_exchange_2000  -      Affected
Softwin  Bitdefender                    ms_exchange_2003  -      Affected
Softwin  Bitdefender Antivirus          *                 -      Affected
Softwin  Bitdefender Antivirus          plus              -      Affected
Softwin  Bitdefender Internet Security  *                 -      Affected
Softwin  Bitdefender Mail Protection    enterprises       -      Affected
Softwin  Bitdefender Online Scanner     *                 -      Affected