Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2814

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2814
Last Modified 07 Mar 2011 09:37:04
Published 05 Jun 2006 01:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2814

Summary

Multiple buffer overflows in the (1) vGetPost and (2) main functions in easy-scart.c through easy-scart6.c in iShopCart allow remote attackers to execute arbitrary code by sending a large amount of data containing "Submit" in an sslinvoice action, and allow remote attackers to have an unknown impact via a large amount of posted data.

Vulnerable Systems

Application

  • Ishopcart


References

VUPEN - ADV-2006-2108

BID - 18222

BUGTRAQ - 20060531 ishopcart cgi 0day and multiple vulnerabilities

XF - ishopcart-easyscart-bo(27014)

SREASON - 1031

SECUNIA - 20415


Last Updated: 27 May 2016 10:42:46