CVE-2006-2200 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Mimms

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents7 sources

Severity

5.1MEDIUMNVD

EPSS

3.5%

top 12.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mimms Xine Xine-lib

Timeline

PublishedJun 28

Latest updateMay 1

Description

Stack-based buffer overflow in libmms, as used by (a) MiMMS 0.0.9 and (b) xine-lib 1.1.0 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the (1) send_command, (2) string_utf16, (3) get_data, and (4) get_media_packet functions, and possibly other functions.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages2 packages

▶NVDmimms/mimms0.0.9

▶NVDxine/xine-lib1.1.0

🔴Vulnerability Details

GHSA

GHSA-w7h3-c9rv-r2c9: Stack-based buffer overflow in libmms, as used by (a) MiMMS 0↗2022-05-01

▶

OSV

CVE-2006-2200: Stack-based buffer overflow in libmms, as used by (a) MiMMS 0↗2006-06-28

▶

CVEList

CVE-2006-2200: Stack-based buffer overflow in libmms, as used by (a) MiMMS 0↗2006-06-27

▶

💥Exploits & PoCs

Exploit-DB

Intel 2200BG 802.11 - Beacon frame Kernel Memory Corruption↗2006-12-19

▶

📋Vendor Advisories

Ubuntu

libmms vulnerability↗2006-07-06

▶

Debian

CVE-2006-2200: libmms - Stack-based buffer overflow in libmms, as used by (a) MiMMS 0.0.9 and (b) xine-l...↗2006

▶