Vulnerabilities > CVE-2006-0474 - Remote Integer Overflow vulnerability in Shareaza 2.2.1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple integer overflows in Shareaza 2.2.1.0 allow remote attackers to execute arbitrary code via (1) a large packet length field, which causes an overflow in the ReadBuffer function in (a) BTPacket.cpp and (b) EDPacket.cpp, or (2) a large packet, which causes a heap-based overflow in the Write function in (c) Packet.h.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0887.html
- http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/BTPacket.cpp?r1=1.5&r2=1.5.4.1
- http://cvs.sourceforge.net/viewcvs.py/shareaza/shareaza/EDPacket.cpp?r1=1.15&r2=1.15.2.1
- http://securityreason.com/securityalert/382
- http://www.hustlelabs.com/shareaza_advisory.pdf
- http://www.securityfocus.com/archive/1/423293/100/0/threaded
- http://www.securityfocus.com/bid/16399
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24342
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24343
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24344