Vulnerability Description
Buffer overflow in the validateospheader function in the Open Settlement Protocol (OSP) module in OpenSER 1.1.0 and earlier allows remote attackers to execute arbitrary code via a crafted OSP header.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openser | Openser | <= 1.1.0 |
| Openser | Openser Osp Module | <= 1.1 |
References
- http://www.securityfocus.com/archive/1/455412/100/0/threaded
- http://www.securityfocus.com/bid/21801
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31151
- http://www.securityfocus.com/archive/1/455412/100/0/threaded
- http://www.securityfocus.com/bid/21801
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31151
FAQ
What is CVE-2006-6875?
CVE-2006-6875 is a vulnerability with a CVSS score of 7.5 (HIGH). Buffer overflow in the validateospheader function in the Open Settlement Protocol (OSP) module in OpenSER 1.1.0 and earlier allows remote attackers to execute arbitrary code via a crafted OSP header.
How severe is CVE-2006-6875?
CVE-2006-6875 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6875?
Check the references section above for vendor advisories and patch information. Affected products include: Openser Openser, Openser Openser Osp Module.