Integer Overflow Vulnerability in ESET NOD32 Antivirus Product
CVE-2006-6676

Currently unrated

Key Information:

Vendor: Eset Software
Status: Nod32 Antivirus
Vendor: CVE Published:; 21 December 2006

🔔 Create Eset Software Vulnerability Alert

What is CVE-2006-6676?

A vulnerability in ESET NOD32 Antivirus occurs due to an integer overflow in the OLE2 and CHM file parsers. This flaw allows remote attackers to execute arbitrary code by crafting malicious .DOC or .CAB files, leading to a heap-based buffer overflow when these special files are processed by the antivirus software. Users of affected versions are encouraged to update their software to mitigate this security risk.

References

http://www.securityfocus.com/archive/1/455045/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/454949/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.vupen.com/english/advisories/2006/5095

vdb-entryx_refsource_VUPEN

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 21, 2006
Vulnerability Reserved
Dec 20, 2006

JSON