Vulnerability Details : CVE-2006-0460
Public exploit exists!
Multiple buffer overflows in BomberClone before 0.11.6.2 allow remote attackers to execute arbitrary code via long error messages.
Vulnerability category: Execute code
Products affected by CVE-2006-0460
- cpe:2.3:a:bomberclone:bomberclone:0.11.3:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.11.4:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.9.9:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.11.5:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.11.6:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.9.7:*:*:*:*:*:*:*
- cpe:2.3:a:bomberclone:bomberclone:0.9.8:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-0460
EPSS score: 77.94% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~99% (the proportion of vulnerabilities that are scored at or less)
Metasploit modules for CVE-2006-0460
- Bomberclone 0.11.6 Buffer Overflow
  Disclosure Date: 2006-02-16
  First seen: 2020-04-26
  Module: exploit/windows/misc/bomberclone_overflow
  This module exploits a stack buffer overflow in Bomberclone 0.11.6 for Windows. The return address is overwritten with lstrcpyA memory address, the second and third value are the destination buffer, the fourth value is the source address of our buffer in the stack.
CVSS scores for CVE-2006-0460
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
References for CVE-2006-0460
- http://www.debian.org/security/2006/dsa-997
  [SECURITY] [DSA 997-1] New bomberclone packages fix arbitrary code execution
- http://secunia.com/advisories/18914
- http://secunia.com/advisories/18915
- http://www.vupen.com/english/advisories/2006/0643
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24764
  BomberClone error message buffer overflow CVE-2006-0460 Vulnerability Report
- http://www.gentoo.org/security/en/glsa/glsa-200602-09.xml
  BomberClone: Remote execution of arbitrary code (GLSA 200602-09) — Gentoo security (Patch; Vendor Advisory)
- http://secunia.com/advisories/19210
- http://www.securityfocus.com/bid/16697
  BomberClone Error Messages Buffer Overflow Vulnerability
- http://www.osvdb.org/23263