Vulnerability Description
The ActiveX version of FrontRange iHEAT allows remote authenticated users to run arbitrary programs or access arbitrary files on the host machine by uploading a file with an extension that is not associated with an application, and selecting a file from the "Open With..." dialog.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Frontrange | Iheat | All versions |
References
- http://secunia.com/advisories/20165
- http://securitytracker.com/id?1016124
- http://www.securityfocus.com/archive/1/434400/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26711
- http://secunia.com/advisories/20165
- http://securitytracker.com/id?1016124
- http://www.securityfocus.com/archive/1/434400/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26711
FAQ
What is CVE-2006-2511?
CVE-2006-2511 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The ActiveX version of FrontRange iHEAT allows remote authenticated users to run arbitrary programs or access arbitrary files on the host machine by uploading a file with an extension that is not asso...
How severe is CVE-2006-2511?
CVE-2006-2511 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-2511?
Check the references section above for vendor advisories and patch information. Affected products include: Frontrange Iheat.