Vulnerabilities > CVE-2006-2465 - Buffer Overflow vulnerability in Mp3Info 0.8.4
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in MP3Info 0.8.4 allows attackers to execute arbitrary code via a long command line argument. NOTE: if mp3info is not installed setuid or setgid in any reasonable context, then this issue might not be a vulnerability.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description MP3Info 0.8.5a - Buffer Overflow. CVE-2006-2465. Dos exploit for linux platform id EDB-ID:31220 last seen 2016-02-03 modified 2014-01-27 published 2014-01-27 reporter jsacco source https://www.exploit-db.com/download/31220/ title MP3Info 0.8.5a - Buffer Overflow description MP3Info 0.8.5a - SEH Buffer Overflow Exploit. CVE-2006-2465. Local exploit for windows platform file exploits/windows/local/32358.pl id EDB-ID:32358 last seen 2016-02-03 modified 2014-03-19 platform windows port published 2014-03-19 reporter Ayman Sagy source https://www.exploit-db.com/download/32358/ title MP3Info 0.8.5a - SEH Buffer Overflow Exploit type local
Packetstorm
| data source | https://packetstormsecurity.com/files/download/125786/mp3info085a-overflow.txt |
| id | PACKETSTORM:125786 |
| last seen | 2016-12-05 |
| published | 2014-03-19 |
| reporter | Ayman Sagy |
| source | https://packetstormsecurity.com/files/125786/MP3Info-0.8.5-SEH-Buffer-Overflow.html |
| title | MP3Info 0.8.5 SEH Buffer Overflow |
References
- http://osvdb.org/show/osvdb/30945
- http://packetstormsecurity.com/files/124955/Mp3info-Stack-Buffer-Overflow.html
- http://packetstormsecurity.com/files/125786/MP3Info-0.8.5-SEH-Buffer-Overflow.html
- http://securitytracker.com/id?1016108
- http://www.exploit-db.com/exploits/32358
- http://www.securiteam.com/exploits/5GP0E15IKO.html
- http://www.securityfocus.com/bid/18016