Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-6539

EPSS 17.62% · P95
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-6539

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple buffer overflows in Winamp Web Interface (Wawi) 7.5.13 and earlier (1) allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an (a) long username or a (b) crafted packet to the FindBasicAuth function in security.cpp, related to the /browse URI; and allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a long path string in the (2) Browse, (3) CControl::Download, and (4) CControl::Load functions, related to the file parameter in the /dl URI. NOTE: some of these details are obtained from third party information.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Winamp Web Interface 在多个缓冲区溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Winamp Web Interface (Wawi) 7.5.13及更早版本存在多个缓冲区溢出,(1)远程攻击者可以通过(a)长用户名,或传给在security.cpp内的FindBasicAuth函数的(b)特制的包,来发起拒绝服务攻击(应用系统崩溃)并可能执行任意代码,和/browse URI有关;远程认证用户可以通过在(2)Browse,(3)CControl::Download和(4)CControl::Load函数中的长路径字符串来发起拒绝服务攻击(应用程序崩溃)并可能执行任意代码,和/dl
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-6539

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-6539

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-12-14 · 62 CVEs total

CVE-2006-6522WikiTimeScale TwoZero 多个跨站脚本攻击漏洞
CVE-2006-5649Linux核心SPARC和PowerPC本地拒绝服务漏洞
CVE-2006-6508phpBB 未授消息权跨站请求伪造漏洞
CVE-2006-6107D-Bus 'signals.c'本地拒绝服务漏洞
CVE-2006-5875Enemies of Carlotta Shell参数命令执行漏洞
CVE-2006-6527Gizzar 'guest.php'PHP远程文件包含漏洞
CVE-2006-6526Gizzar 'Index.php'远程文件包含漏洞
CVE-2006-6525EzHRS HR Assis 'vdateUsr.asp'SQL注入漏洞
CVE-2006-6524EzHRS HR Assist 'vdateUsr.asp' SQL注入漏洞
CVE-2006-6523CPanel BoxTrapper 'Manage.HTML'跨站脚本攻击漏洞
CVE-2006-6528Drupal的Chatroom模块会话劫持和特权提升漏洞
CVE-2006-6521Messageriescripthp 'lire-avis.php'SQL注入漏洞
CVE-2006-6520Messageriescripthp 多个跨站脚本攻击(XSS)漏洞
CVE-2006-6519ProNews 'lire-avis.php'多个输入验证漏洞
CVE-2006-6518ProNews 多个跨站脚本攻击漏洞
CVE-2006-6517KDPics多个输入验证漏洞
CVE-2006-6516KDPics 多个PHP远程文件包含漏洞
CVE-2006-6515Mantis '$g_bug_reminder_threshold'未明攻击漏洞
CVE-2006-6514Winamp Web Interface 根目录远程访问漏洞
CVE-2006-6513Winamp Web Interface CControl::Download函数任意类型文件下载漏洞

Showing top 20 of 62 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-6539

No comments yet

Leave a comment