Vulnerability Details : CVE-2006-3251

Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries.

Vulnerability category: OverflowExecute code

Published 2006-06-27 18:05:00

Updated 2017-07-20 01:32:10

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2006-3251

Probability of exploitation activity in the next 30 days: 2.02%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 87 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2006-3251

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	[email protected]
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2006-3251

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Assigned by: [email protected] (Primary)

References for CVE-2006-3251

Products affected by CVE-2006-3251

Hashcash » Hashcash
Versions up to, including, (<=) 1.20
cpe:2.3:a:hashcash:hashcash:*:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.15
cpe:2.3:a:hashcash:hashcash:1.15:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.14
cpe:2.3:a:hashcash:hashcash:1.14:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.16
cpe:2.3:a:hashcash:hashcash:1.16:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.04
cpe:2.3:a:hashcash:hashcash:1.04:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.05
cpe:2.3:a:hashcash:hashcash:1.05:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.13
cpe:2.3:a:hashcash:hashcash:1.13:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.02
cpe:2.3:a:hashcash:hashcash:1.02:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.03
cpe:2.3:a:hashcash:hashcash:1.03:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.11
cpe:2.3:a:hashcash:hashcash:1.11:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.12
cpe:2.3:a:hashcash:hashcash:1.12:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.19
cpe:2.3:a:hashcash:hashcash:1.19:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.06
cpe:2.3:a:hashcash:hashcash:1.06:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.07
cpe:2.3:a:hashcash:hashcash:1.07:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.08
cpe:2.3:a:hashcash:hashcash:1.08:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.00
cpe:2.3:a:hashcash:hashcash:1.00:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.01
cpe:2.3:a:hashcash:hashcash:1.01:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.09
cpe:2.3:a:hashcash:hashcash:1.09:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.10
cpe:2.3:a:hashcash:hashcash:1.10:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.17
cpe:2.3:a:hashcash:hashcash:1.17:*:*:*:*:*:*:*
Matching versions
Hashcash » Hashcash » Version: 1.18
cpe:2.3:a:hashcash:hashcash:1.18:*:*:*:*:*:*:*
Matching versions