CVE-2006-4024
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2006-4024
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The FESTAHES_Load function in pce/hes.c in Festalon 0.5.0 through 0.5.5 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative LoadAddr value in a HES file, which is used as an offset in a memcpy operation and leads to a buffer underflow.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Festalon pce/hes.c程序 HES文件堆缓冲区溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
利用Festalon 0.5.0至0.5.5版本的pce/hes.c程序中的FESTAHES_Load函数,用户辅助攻击者可借助HES文件中一个负LoadAddr值触发拒绝服务攻击,且有可能执行任意代码。此LoadAddr值用于memcpy操作的偏移地址,并导致缓冲区下溢。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2006-4024
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2006-4024
Please Login to view more intelligence information
- http://aluigi.altervista.org/adv/festahc-adv.txtx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2006-4024
Same Patch Batch · n/a · 2006-08-09 · 42 CVEs total
| CVE-2006-3444 | Microsoft Windows 2000内核本地权限提升漏洞(MS06-049) | |
| CVE-2006-4029 | AGEphone SIP报文处理缓冲区溢出漏洞 | |
| CVE-2006-3083 | MIT Kerberos 5多个本地权限提升漏洞 | |
| CVE-2006-3084 | MIT Kerberos 多个本地权限提升漏洞 | |
| CVE-2006-3979 | ColdFusion AdminAPI认证绕过漏洞 | |
| CVE-2006-3439 | Microsoft Windows Server服务远程缓冲区溢出漏洞(MS06-040) | |
| CVE-2006-3440 | Microsoft Winsock Gethostbyname远程缓冲区溢出漏洞(MS06-041) | |
| CVE-2006-3441 | Microsoft Windows DNS客户端缓冲区溢出漏洞(MS06-041) | |
| CVE-2006-3443 | Microsoft Windows用户配置文件权限提升漏洞(MS06-051) | |
| CVE-2006-3648 | Microsoft Windows未处理异常远程代码执行漏洞 | |
| CVE-2006-3438 | Microsoft超级链接对象库函数溢出漏洞 | |
| CVE-2006-4028 | WordPress多个不明安全漏洞 | |
| CVE-2006-3449 | Microsoft PowerPoint畸形记录处理代码执行漏洞(MS06-048) | |
| CVE-2006-3639 | Microsoft IE源元素跨域访问漏洞(MS06-042) | |
| CVE-2006-3640 | Microsoft IE窗口位置跨域信息泄露漏洞(MS06-042) | |
| CVE-2006-3643 | Microsoft管理控制台重新定向跨站脚本漏洞(MS06-044) | |
| CVE-2006-3649 | Microsoft Visual Basic for Applications文档检查溢出漏洞(MS06-047) | |
| CVE-2006-4022 | Intel 2100 PRO/无线网络连接驱动程序内存破坏漏洞 | |
| CVE-2006-4023 | PHP ip2long函数SQL注入漏洞 | |
| CVE-2006-4025 | XennoBB 'Profile.PHP'SQL注入漏洞 |
Showing top 20 of 42 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8258
Squirrel sqstdstring.cpp validate_format stack-based overflo - CVE-2026-8252
Open5GS SMF smf_nsmf_handle_create_data_in_hsmf null pointer - CVE-2026-8251
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8250
Open5GS SMF n4-build.c smf_n4_build_qos_flow_to_modify_list - CVE-2026-8249
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo
V. Comments for CVE-2006-4024
No comments yet