Home > Vulnerability Database > CVE-2006-2802

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2006-2802

Date: June 3, 2006

Buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib 1.1.1 allows remote attackers to cause a denial of service (application crash) via a long reply from an HTTP server, as demonstrated using gxine 0.5.6.

Severity Score

5.3

Related Resources (17)

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:108

Url: http://www.debian.org/security/2006/dsa-1105

Url: http://security.gentoo.org/glsa/glsa-200609-08.xml

Url: http://www.securityfocus.com/bid/18187

Url: http://secunia.com/advisories/20549

Url: http://secunia.com/advisories/20828

Url: http://www.osvdb.org/25936

Url: https://www.exploit-db.com/exploits/1852

Url: http://secunia.com/advisories/21919

Url: https://usn.ubuntu.com/295-1/

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-2802

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/26972

Url: http://secunia.com/advisories/20369

Url: http://secunia.com/advisories/20942

Url: http://secunia.com/advisories/20766

Url: http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html

Url: https://www.mend.io/vulnerability-database/CVE-2006-2802

Severity Score

5.3

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us