CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-2324

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1220%
EPSS Percentile16.95th
Published2006年5月12日
Last Modified2026年4月16日

Vulnerability Description

180solutions Zango downloads "required Adware components" without checking integrity or authenticity, which might allow context-dependent attackers to execute arbitrary code by subverting the DNS resolution of static.zangocash.com.

Affected Platforms (CPE)

📦
180solutions

Zango

All versions

References & Advisories

🔗 http://secdev.zoller.lu/research/zango.htm
🔗 http://securityreason.com/securityalert/890
🔗 http://www.securityfocus.com/archive/1/433566/100/0/threaded
🔗 http://secdev.zoller.lu/research/zango.htm
🔗 http://securityreason.com/securityalert/890
🔗 http://www.securityfocus.com/archive/1/433566/100/0/threaded

関連する脆弱性情報

CVE-2006-623510.0

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to ...

CVE-2006-021810.0

Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before 1.0.2 have unspecified impact and attack vectors, related to...

CVE-2006-502510.0

Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.2 have unknown impact and attack ve...

CVE-2006-026010.0

Multiple unspecified vulnerabilities in Oracle Database server 9.2.0.7 and 10.1.0.5 have unspecified impact and attack vectors, as...