| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.3 | $0-$5k | 0.00 |
Summary
A vulnerability, which was classified as problematic, was found in F-Prot Antivirus. The affected element is an unknown function. Such manipulation leads to memory corruption. This vulnerability is referenced as CVE-2006-6293. Furthermore, an exploit is available. A patch should be applied to remediate this issue.
Details
A vulnerability was found in F-Prot Antivirus (Anti-Malware Software). It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation with an unknown input leads to a memory corruption vulnerability. Using CWE to declare the problem leads to CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. Impacted is confidentiality, integrity, and availability. CVE summarizes:
Heap-based buffer overflow in FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remote attackers to execute arbitrary code via a crafted CHM file. NOTE: this issue has at least a partial overlap with CVE-2006-6294.
The bug was discovered 11/24/2006. The weakness was published 11/15/2006 with GLEG Ltd. (Website). The advisory is available at gentoo.org. This vulnerability is handled as CVE-2006-6293 since 12/05/2006. Local access is required to approach this attack. No form of authentication is required for exploitation. Technical details are unknown but a public exploit is available.
After 3 weeks, there has been an exploit disclosed. The exploit is available at exploit-db.com. It is declared as proof-of-concept. As 0-day the estimated underground price was around $5k-$25k. The vulnerability scanner Nessus provides a plugin with the ID 23864 (GLSA-200612-12 : F-PROT Antivirus: Multiple vulnerabilities), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Gentoo Local Security Checks and running in the context l.
Applying a patch is able to eliminate this problem. The bugfix is ready for download at f-prot.com. A possible mitigation has been published 4 weeks after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (30707), Exploit-DB (2893), Tenable (23864), SecurityFocus (BID 21086†) and OSVDB (31299†). Similar entries are available at VDB-33664, VDB-33629 and VDB-84844. If you want to get best quality of vulnerability data, you may have to visit VulDB.
Product
Type
Vendor
Name
Version
- 3.11b
- 3.12
- 3.12a
- 3.12b
- 3.12c
- 3.12d
- 3.13
- 3.13a
- 3.14
- 3.14a
- 3.14b
- 3.14c
- 3.14d
- 3.14e
- 3.15
- 3.15a
- 3.15b
- 3.16
- 3.16a
- 3.16b
- 3.16c
- 3.16d
- 3.16e
- 3.16f
- 4.6.6
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.9VulDB Meta Temp Score: 5.3
VulDB Base Score: 5.9
VulDB Temp Score: 5.3
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Memory corruptionCWE: CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: Yes
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 23864
Nessus Name: GLSA-200612-12 : F-PROT Antivirus: Multiple vulnerabilities
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
Nessus Port: 🔍
OpenVAS ID: 57951
OpenVAS Name: Gentoo Security Advisory GLSA 200612-12 (f-prot)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Exploit Delay Time: 🔍
Patch: f-prot.com
Timeline
11/15/2006 🔍11/15/2006 🔍
11/15/2006 🔍
11/15/2006 🔍
11/20/2006 🔍
11/24/2006 🔍
12/04/2006 🔍
12/04/2006 🔍
12/05/2006 🔍
12/05/2006 🔍
12/12/2006 🔍
12/14/2006 🔍
12/18/2006 🔍
08/10/2024 🔍
Sources
Advisory: gentoo.orgOrganization: GLEG Ltd.
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2006-6293 (🔍)
GCVE (CVE): GCVE-0-2006-6293
GCVE (VulDB): GCVE-100-2690
X-Force: 30707
SecurityFocus: 21086 - F-PROT Antivirus CHM File Heap Buffer Overflow Vulnerability
Secunia: 23328 - Gentoo update for f-prot, Highly Critical
OSVDB: 31299 - Frisk F-PROT Antivirus Unspecified ACE File DoS
SecurityTracker: 1017331
Vulnerability Center: 13381 - FRISK F-Prot AntiVirus Buffer Overflow via CHM File, Medium
Vupen: ADV-2006-4830
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 11/20/2006 12:23Updated: 08/10/2024 21:15
Changes: 11/20/2006 12:23 (101), 07/12/2019 09:21 (1), 08/10/2024 21:15 (17)
Complete: 🔍
Cache ID: 216::103
If you want to get best quality of vulnerability data, you may have to visit VulDB.
No comments yet. Languages: en.
Please log in to comment.