CVE-2006-2458
CVE-2006-2458
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c).
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/1801unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://gnunet.org/libextractor/http://secunia.com/advisories/20150http://secunia.com/advisories/20160http://secunia.com/advisories/20326http://secunia.com/advisories/20457http://securityreason.com/securityalert/916http://securitytracker.com/id?1016118https://exchange.xforce.ibmcloud.com/vulnerabilities/26531https://exchange.xforce.ibmcloud.com/vulnerabilities/26532http://www.debian.org/security/2006/dsa-1081http://www.gentoo.org/security/en/glsa/glsa-200605-14.xmlhttp://www.novell.com/linux/security/advisories/2006-06-02.html