CVE-2006-3901 : Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary cod

Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary code via an email attachment with an LHA archive that contains a (1) file or (2) directory with a long LHA extended header, (3) an LHA archive in which the "temporary pathname" field for decompressed output is greater than 2 bytes, or (4) an LHA archive with a long filename.

Published 2006-07-27 11:04:00

Updated 2018-10-17 21:32:15

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Exploit prediction scoring system (EPSS) score for CVE-2006-3901

Probability of exploitation activity in the next 30 days: 13.90%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2006-3901

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2006-3901

Products affected by CVE-2006-3901

Tumbleweed » Mailgate Email Firewall
cpe:2.3:a:tumbleweed:mailgate_email_firewall:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2006-3901

Exploit prediction scoring system (EPSS) score for CVE-2006-3901

CVSS scores for CVE-2006-3901

References for CVE-2006-3901

Products affected by CVE-2006-3901