CVE-2006-6960
Severity Score
6.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier does not handle non-ZIP archives, which allows remote attackers to bypass the malware detection via files with (1) RAR, (2) GZ, (3) TAR, (4) CAB, or (5) ACE compression.
La funcionalidad Compression Sweep (barrido de compresión) en WebRoot Spy Sweeper 4.5.9 y anteriores no maneja archivos no ZIP, lo cual permite a atacantes remotos evitar la detección de software malicioso mediante archivos con compresión (1) RAR, (2) GZ, (3) TAR, (4) CAB, o (5) ACE.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-01-29 CVE Reserved
- 2007-01-29 CVE Published
- 2024-06-23 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/archive/1/437814/100/200/threaded | Mailing List | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/27266 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.osvdb.org/27536 | 2018-10-16 | |
| http://www.sentinel.gr/advisories/SGA-0001.txt | 2018-10-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Webroot Software Search vendor "Webroot Software" | Spy Sweeper Search vendor "Webroot Software" for product "Spy Sweeper" | <= 4.5.9 Search vendor "Webroot Software" for product "Spy Sweeper" and version " <= 4.5.9" | - |
Affected
| ||||||