Vulnerabilities > CVE-2006-2007 - Heap Overflow vulnerability in Winny File Transfer

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

winny

NVD

Published: 2006-04-25

Updated: 2017-07-20

Summary

Heap-based buffer overflow in Winny 2.0 b7.1 and earlier allows remote attackers to execute arbitrary code via long strings to certain commands sent to the file transfer port.

Vulnerable Configurations

Part	Description	Count
Application	Winny Winny Winny 2.0B5.7 Winny Winny 2.0B7.1	2

References

http://jvn.jp/jp/JVN%2374294680/index.html
http://secunia.com/advisories/19795
http://www.eeye.com/html/research/advisories/AD20060421.html
http://www.kb.cert.org/vuls/id/167033
http://www.osvdb.org/24883
http://www.securityfocus.com/bid/17666
http://www.vupen.com/english/advisories/2006/1486
https://exchange.xforce.ibmcloud.com/vulnerabilities/25986