CVE-2006-2910

Buffer overflow in jetAudio 6.2.6.8330 (Basic), and possibly other versions, allows user-assisted attackers to execute arbitrary code via an audio file (such as WMA) with long ID Tag values including (1) Title, (2) Author, and (3) Album, which triggers the overflow in the tooltip display string if the sound card driver is disabled or incorrectly installed.

Published: Jul 5, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-2910
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cowon_america / jetaudio	basic_6.2.6.8330	basic_6.2.6.8330.x

http://secunia.com/advisories/19456
http://secunia.com/secunia_research/2006-45/advisory/
http://www.securityfocus.com/bid/18825
http://www.vupen.com/english/advisories/2006/2667
https://exchange.xforce.ibmcloud.com/vulnerabilities/27593

Vulnerability Database

CVE-2006-2910