Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-6293

CWE-119Buffer Overflow4 documents4 sources
Severity
7.5HIGH
EPSS
13.0%
top 5.92%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
F-prot F-prot Antivirus
Timeline
PublishedDec 5
Latest updateMay 1

Description

Heap-based buffer overflow in FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remote attackers to execute arbitrary code via a crafted CHM file. NOTE: this issue has at least a partial overlap with CVE-2006-6294.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-vvmj-m42h-hf7v: Heap-based buffer overflow in FRISK Software F-Prot Antivirus before 42022-05-01
CVEList
CVE-2006-6293: Heap-based buffer overflow in FRISK Software F-Prot Antivirus before 42006-12-05

💥Exploits & PoCs

1
Exploit-DB
F-Prot AntiVirus 4.6.6 - CHM Heap Overflow (PoC)2006-12-04
CVE-2006-6293 (HIGH CVSS 7.5) | Heap-based buffer overflow in FRISK | cvebase.io