cbcvebase.
CVE-2006-1356
published 2006-03-22

CVE-2006-1356: Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file…

PriorityP421medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
4.38%
90.1th percentile
Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file (e.g. contacts.vcf) containing a long line.

Affected

7 ranges
VendorProductVersion rangeFixed in
andrew_hsulibvc
andrew_hsulibvc>= 0 < 003-4003-4
andrew_hsulibvc>= 0 < 003-4003-4
andrew_hsulibvc>= 0 < 003-4003-4
andrew_hsulibvc>= 0 < 003-4003-4
andrew_hsurolo
debianlibvc< libvc 003-4 (bookworm)libvc 003-4 (bookworm)

CVSS provenance

nvdv2.05.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
osv5.1MEDIUM
vendor_debian5.1MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.