CyberSec.Space Logo
Back to CVE Browser

CVE-2006-2324

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1220%
EPSS Percentile16.95th
PublishedMay 12, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

180solutions Zango downloads "required Adware components" without checking integrity or authenticity, which might allow context-dependent attackers to execute arbitrary code by subverting the DNS resolution of static.zangocash.com.

Affected Platforms (CPE)

πŸ“¦
180solutions

Zango

All versions

References & Advisories

πŸ”— http://secdev.zoller.lu/research/zango.htm
πŸ”— http://securityreason.com/securityalert/890
πŸ”— http://www.securityfocus.com/archive/1/433566/100/0/threaded
πŸ”— http://secdev.zoller.lu/research/zango.htm
πŸ”— http://securityreason.com/securityalert/890
πŸ”— http://www.securityfocus.com/archive/1/433566/100/0/threaded

Related Vulnerabilities

CVE-2006-502510.0

Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.2 have unknown impact and attack ve...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...

CVE-2006-446110.0

Paessler IPCheck Server Monitor before 5.3.3.639/640 does not properly implement a "list of acceptable host IP addresses in the pr...

CVE-2006-623510.0

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to ...