cbcvebase.
CVE-2006-1900
published 2006-04-20

CVE-2006-1900: Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions including 8.x before 8.8.5, allow remote attackers to…

PriorityP347high7.6CVSS 2.0
AVNACHAuNCCICAC
EXPLOIT
EPSS
16.55%
96.6th percentile
Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions including 8.x before 8.8.5, allow remote attackers to execute arbitrary code via a long value in (1) the COMPACT attribute of the COLGROUP element, (2) the ROWS attribute of the TEXTAREA element, and (3) the COLOR attribute of the LEGEND element; and via other unspecified attack vectors consisting of "dozens of possible snippets."

Affected

1 ranges
VendorProductVersion rangeFixed in
w3camaya

CVSS provenance

nvdv2.07.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
vendor_cisco6.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.