CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2006-6627

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1880%
EPSS Percentile24.09th
Published2006年12月18日
Last Modified2026年4月23日

Vulnerability Description

Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivirus Plus, Internet Security, Mail Protection for Enterprises, and Online Scanner; and BitDefender products for Microsoft ISA Server and Exchange 5.5 through 2003; allows remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow, aka the "cevakrnl.xmd vulnerability."

Affected Platforms (CPE)

📦
Softwin

Bitdefender

= isa_server
📦
Softwin

Bitdefender

= ms_exchange_5.5
📦
Softwin

Bitdefender

= ms_exchange_2000
📦
Softwin

Bitdefender

= ms_exchange_2003
📦
Softwin

Bitdefender Antivirus

All versions
📦
Softwin

Bitdefender Antivirus

= plus
📦
Softwin

Bitdefender Internet Security

All versions
📦
Softwin

Bitdefender Mail Protection

= enterprises
📦
Softwin

Bitdefender Online Scanner

All versions

References & Advisories

🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051319.html
🔗 http://secunia.com/advisories/23415
🔗 http://securityreason.com/securityalert/2044
🔗 http://securitytracker.com/id?1017389
🔗 http://www.bitdefender.com/KB323-en--cevakrnl.xmd-vulnerability.html
🔗 http://www.securityfocus.com/archive/1/454501/100/0/threaded
🔗 http://www.securityfocus.com/bid/21610
🔗 http://www.vupen.com/english/advisories/2006/5040

相關漏洞威脅

CVE-2017-89319.8

Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified...

CVE-2018-89559.8

The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the URL for installation metadata...

CVE-2007-57759.8

Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. ...

CVE-2008-54099.3

Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Intern...