Vulnerability Description
Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Hp-Ux | 11.00 |
| Hp | Tru64 | 4.0f |
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
- http://secunia.com/advisories/22451
- http://secunia.com/advisories/22528
- http://securitytracker.com/id?1017083
- http://securitytracker.com/id?1017098Patch
- http://securitytracker.com/id?1017099Patch
- http://www.netragard.com/pdfs/research/HP-TRU64-DTMAIL-20060810.txtVendor Advisory
- http://www.securityfocus.com/archive/1/449321/100/0/threaded
- http://www.securityfocus.com/bid/20580
- http://www.vupen.com/english/advisories/2006/4139
- http://www.vupen.com/english/advisories/2006/4140
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29644
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00793091
- http://secunia.com/advisories/22451
FAQ
What is CVE-2006-5452?
CVE-2006-5452 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Buffer overflow in dtmail on HP Tru64 UNIX 4.0F through 5.1B and HP-UX B.11.00 through B.11.23 allows local users to execute arbitrary code via a long -a (aka attachment) argument.
How severe is CVE-2006-5452?
CVE-2006-5452 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-5452?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Hp-Ux, Hp Tru64.