Skip to main content

CVE-2006-2458

Severity Medium
Score 4/10

Summary

Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c).

  • HIGH
  • NETWORK
  • NONE
  • PARTIAL
  • PARTIAL
  • NONE

References

Advisory Timeline

  • Published