CVE-2006-1356
published 2006-03-22CVE-2006-1356: Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file…
PriorityP421medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
4.38%
90.1th percentile
Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file (e.g. contacts.vcf) containing a long line.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| andrew_hsu | libvc | — | — |
| andrew_hsu | libvc | >= 0 < 003-4 | 003-4 |
| andrew_hsu | libvc | >= 0 < 003-4 | 003-4 |
| andrew_hsu | libvc | >= 0 < 003-4 | 003-4 |
| andrew_hsu | libvc | >= 0 < 003-4 | 003-4 |
| andrew_hsu | rolo | — | — |
| debian | libvc | < libvc 003-4 (bookworm) | libvc 003-4 (bookworm) |
CVSS provenance
nvdv2.05.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
osv5.1MEDIUM
vendor_debian5.1MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-q25q-j6qv-cjrj: Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a v
ghsa_unreviewed·2022-05-01
CVE-2006-1356 [MEDIUM] GHSA-q25q-j6qv-cjrj: Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a v
Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file (e.g. contacts.vcf) containing a long line.
OSV
CVE-2006-1356: Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a v
osv·2006-03-22·CVSS 5.1
CVE-2006-1356 [MEDIUM] CVE-2006-1356: Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a v
Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file (e.g. contacts.vcf) containing a long line.
Debian
CVE-2006-1356: libvc - Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in ...
vendor_debian·2006·CVSS 5.1
CVE-2006-1356 [MEDIUM] CVE-2006-1356: libvc - Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in ...
Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file (e.g. contacts.vcf) containing a long line.
Scope: local
bookworm: resolved (fixed in 003-4)
bullseye: resolved (fixed in 003-4)
forky: resolved (fixed in 003-4)
sid: resolved (fixed in 003-4)
trixie: resolved (fixed in 003-4)
No detection rules found.
No writeups or analysis indexed.
http://osvdb.org/ref/23/23985-libvc.txthttp://secunia.com/advisories/19295http://www.osvdb.org/23985http://www.securityfocus.com/bid/17237https://exchange.xforce.ibmcloud.com/vulnerabilities/25430http://osvdb.org/ref/23/23985-libvc.txthttp://secunia.com/advisories/19295http://www.osvdb.org/23985http://www.securityfocus.com/bid/17237https://exchange.xforce.ibmcloud.com/vulnerabilities/25430
2006-03-22
Published