CVE-2006-6676

2006-12-21 02:28:00 2018-10-17 23:49:22

Integer overflow in the (a) OLE2 and (b) CHM parsers for ESET NOD32 Antivirus before 1.1743 allows remote attackers to execute arbitrary code via a crafted (1) .DOC or (2) .CAB file that triggers a heap-based buffer overflow.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Eset software Nod32 antivirus 1.1742 (not an official CPE) Eset software Nod32 antivirus 1.0.13 (not an official CPE) Eset software Nod32 antivirus 1.0.12 (not an official CPE) Eset software Nod32 antivirus 1.0.11 (not an official CPE)

Eset software - Nod32 antivirus

Advisory	Patch	Confirmed	Link
			ADV-2006-5095
			21682
			20061221 NOD32 Antivirus CAB parsing Arbitrary Code Exec...
			2079
			20061220 NOD32 Antivirus DOC parsing Arbitrary Code Exec...
			http://eset.com/support/updates.php?pageno=63

CVE-2006-6676

2006-12-21 02:28:00 2018-10-17 23:49:22

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)