CVE-2006-3890
NONE EPSS 96.2%
Published Nov 21, 200619y ago · Modified Jun 16, 20262w ago
Published Nov 21, 2006 19y ago
Last Modified Jun 16, 2026 2w ago
Description
Stack-based buffer overflow in the Sky Software FileView ActiveX control, as used in WinZip 10 before build 7245 and in certain other applications, allows remote attackers to execute arbitrary code via a long FilePattern attribute in a WZFILEVIEW object, a different vulnerability than CVE-2006-5198.
Threat Intelligence
EPSS Exploit Probability
96.2% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Affected Products 7
References 7
- secunia.com http://secunia.com/advisories/22891
- kb.cert.org http://www.kb.cert.org/vuls/id/225217
- securityfocus.com http://www.securityfocus.com/archive/1/451566/100/0/threaded
- securityfocus.com http://www.securityfocus.com/bid/21060
- securityfocus.com http://www.securityfocus.com/bid/21108
- docs.microsoft.com https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-067
- exploit-db.com https://www.exploit-db.com/exploits/2785
Remediation
- secunia.com http://secunia.com/advisories/22891
- kb.cert.org http://www.kb.cert.org/vuls/id/225217
- securityfocus.com http://www.securityfocus.com/bid/21060