Buffer Overflow in Google Earth Leads to Service Disruption
CVE-2006-7157

Currently unrated

Key Information:

Vendor: Google
Status: Earth
Vendor: CVE Published:; 7 March 2007

What is CVE-2006-7157?

A buffer overflow vulnerability in the beta version of Google Earth (v4.0.2091) presents a risk of denial of service through the processing of KML or KMZ files containing excessively long href elements. This flaw enables remote attackers, when aided by the user, to disrupt the application’s functionality, potentially leading to crashes or unexpected behavior. Proper validation of incoming file data is crucial to safeguard against such exploits.

References

http://www.securityfocus.com/bid/20464

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/448544/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://securitydot.net/xpl/exploits/vulnerabilities/artic...

x_refsource_MISC

EPSS Score

6% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 7, 2007
Vulnerability Reserved
Mar 7, 2007