Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2910


Vulnerability Score 5.1 5.1
CVE Id CVE-2006-2910
Last Modified 07 Mar 2011 09:37:17
Published 05 Jul 2006 02:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE



Buffer overflow in jetAudio (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed.

Vulnerable Systems


  • Cowon America Jetaudio Basic


XF - jetaudio-tooltip-idtag-bo(27593)

VUPEN - ADV-2006-2667

BID - 18825


SECUNIA - 19456

Last Updated: 27 May 2016 10:42:48