Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-7157

CWE-119Buffer Overflow4 documents4 sources
Severity
7.1HIGH
EPSS
7.0%
top 8.52%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Google Earth
Timeline
PublishedMar 7
Latest updateMay 1

Description

Buffer overflow in Google Earth v4.0.2091 (beta) allows remote user-assisted attackers to cause a denial of service (crash) via a KML or KMZ file with a long href element.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

NVDgoogle/earth4.0.2091

🔴Vulnerability Details

2
GHSA
GHSA-2j79-8rwp-pjrp: Buffer overflow in Google Earth v42022-05-01
CVEList
CVE-2006-7157: Buffer overflow in Google Earth v42007-03-07

💥Exploits & PoCs

1
Exploit-DB
Google Earth 4.0.2091 (Beta) - '.KML'/'.KMZ' Buffer Overflow2006-09-14
CVE-2006-7157 (HIGH CVSS 7.1) | Buffer overflow in Google Earth v4. | cvebase.io