What is CVE-2006-0992?

CVE-2006-0992 is a vulnerability in N/a. Published 2006-04-14.

Is CVE-2006-0992 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2006-0992

Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advi…

EPSS: 0.888 (99.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

metasploit.blogspot.com/2006/04/exploit-development-groupwise_14.html (x_refsource_MISC)
www.zerodayinitiative.com/advisories/ZDI-06-008.html (x_refsource_MISC)
24617 (x_refsource_OSVDB, vdb-entry)
ADV-2006-1355 (vdb-entry, x_refsource_VUPEN)
groupwise-accept-language-bo(25828) (vdb-entry, x_refsource_XF)
19663 (x_refsource_SECUNIA, third-party-advisory)
20060413 ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow (mailing-list, x_refsource_BUGTRAQ)
1679 (exploit, x_refsource_EXPLOIT-DB)
1015911 (vdb-entry, x_refsource_SECTRACK)
support.novell.com/cgi-bin/search/searchtid.cgi (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2006-0992?: CVE-2006-0992 is a vulnerability in N/a. Published 2006-04-14.
Is CVE-2006-0992 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.