返回 CVE 瀏覽器

CVE-2006-3893

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0400%

EPSS Percentile0.35th

Published2006年12月4日

Last Modified2026年4月23日

Vulnerability Description

Multiple buffer overflows in the ActiveX controls in Newtone ImageKit 5 before Fix 30 and 6 before Fix 40, as used in CASIO Photo Loader software before 3.01 and possibly other software, allow remote attackers to execute arbitrary code via a crafted HTML document.

Affected Platforms (CPE)

📦

Casio

Photo Loader

= 3.00

📦

Newtone

Imagekit

= 5_fix_29

📦

Newtone

Imagekit

= 6_fix_40

References & Advisories

🔗 http://secunia.com/advisories/23286

🔗 http://www.kb.cert.org/vuls/id/210697

🔗 http://www.securityfocus.com/bid/21375

🔗 http://www.vupen.com/english/advisories/2006/4794

🔗 http://www.vupen.com/english/advisories/2006/4795

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/30680

🔗 http://secunia.com/advisories/23286

🔗 http://www.kb.cert.org/vuls/id/210697

相關漏洞威脅

CVE-2006-068610.0

add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new adminis...

CVE-2006-068510.0

The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authenticati...

CVE-2006-067210.0

Unspecified vulnerability in HP PSC 1210 All-in-One Drivers before 1.0.06 has unknown impact and attack vectors.

CVE-2006-097910.0

Unspecified vulnerability in the local weblog publisher in Nidelven IT Issue Dealer before 0.9.96 has unknown impact and attack ve...