Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2814


Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2814
Last Modified 07 Mar 2011 09:37:04
Published 05 Jun 2006 01:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Multiple buffer overflows in the (1) vGetPost and (2) main functions in easy-scart.c through easy-scart6.c in iShopCart allow remote attackers to execute arbitrary code by sending a large amount of data containing "Submit" in an sslinvoice action, and allow remote attackers to have an unknown impact via a large amount of posted data.

Vulnerable Systems


  • Ishopcart


VUPEN - ADV-2006-2108

BID - 18222

BUGTRAQ - 20060531 ishopcart cgi 0day and multiple vulnerabilities

XF - ishopcart-easyscart-bo(27014)

SREASON - 1031

SECUNIA - 20415

Last Updated: 27 May 2016 10:42:46