ID

VAR-200609-0312


CVE

CVE-2006-4385


TITLE

Apple QuickTime fails to properly handle SGI images

Trust: 0.8

sources: CERT/CC: VU#308204

DESCRIPTION

Buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted SGI image. Apple QuickTime fails to properly handle SGI images. Successful exploits may facilitate a remote compromise of affected computers. Apple QuickTime is a popular multimedia player that supports a wide variety of media formats. McAfee, Inc. QuickTime is used by the Mac OS X operating system and by the QuickTime media player for Microsoft Windows. Seven code execution vulnerabilities are present in QuickTime support for various multimedia formats including: MOV, H.264, FLC, FPX and SGI. Exploitation could lead to execution of arbitrary code. User interaction is required for an attack to succeed. The risk rating for these issues is medium. _________________________________________________ * Vulnerable Systems QuickTime 7.1.2 and below for Mac OS X QuickTime for Windows 7.1.2 and below _________________________________________________ * Vulnerability Information CVE-2006-4382 Two buffer overflow vulnerabilities are present in QuickTime MOV format support. CVE-2006-4384 On heap overflow vulnerability is present in QuickTime FLC format support. CVE-2006-4386 One buffer overflow vulnerability is present in QuickTime MOV H.264 format support. CVE-2006-4388 One buffer overflow vulnerability is present in QuickTime FlashPix (FPX) format support. CVE-2006-4389 One uninitialized memory access vulnerability is present in QuickTime FlashPix (FPX) format support. _________________________________________________ * Resolution Apple has included fixes for the QuickTime issues in QuickTime version 7.1.3 for Mac OS X and for Microsoft Windows. Further information is available at: http://docs.info.apple.com/article.html?artnum=304357 _________________________________________________ * Credits These vulnerabilities were discovered by Mike Price of McAfee Avert Labs. _________________________________________________ * Legal Notice Copyright (C) 2006 McAfee, Inc. The information contained within this advisory is provided for the convenience of McAfee's customers, and may be redistributed provided that no fee is charged for distribution and that the advisory is not modified in any way. McAfee makes no representations or warranties regarding the accuracy of the information referenced in this document, or the suitability of that information for your purposes. McAfee, Inc. and McAfee Avert Labs are registered Trademarks of McAfee, Inc. and/or its affiliated companies in the United States and/or other Countries. All other registered and unregistered trademarks in this document are the sole property of their respective owners. Best regards, Dave Marcus, B.A., CCNA, MCSE Security Research and Communications Manager McAfee(r) Avert(r) Labs . I. Since QuickTime configures most web browsers to handle QuickTime media files, an attacker could exploit these vulnerabilities using a web page. For more information, please refer to the Vulnerability Notes. II. For further information, please see the Vulnerability Notes. III. Solution Upgrade QuickTime Upgrade to QuickTime 7.1.3. Disable QuickTime in your web browser An attacker may be able to exploit this vulnerability by persuading a user to access a specially crafted file with a web browser. Disabling QuickTime in your web browser will defend against this attack vector. For more information, refer to the Securing Your Web Browser document. Please send email to <cert@cert.org> with "TA06-256A Feedback VU#540348" in the subject. ____________________________________________________________________ Produced 2006 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> ____________________________________________________________________ Revision History September 13, 2006: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBRQg23exOF3G+ig+rAQK7LggAt0RUIz3jewgQYrRYp9bMDBkS61Bvh2OO 8Gp2H472UXA0ucElK/1hAXtPXU2Pmf/EjrCqSImO+srV4i0x5QIFJDo41HtbDo9s FzQC/rmJ3YWl15L+uIjG0S1wxWwH5GyzQj4xaZCMdNLYEN7LVe31ETDsXJ3kEMMa m19M4GLOXAFfmjyGgky4Nux0RJU1UE/0w9pZESOXg+7WXFY8skOZ8YfqBvunjqtE pZa3LWoOcDtP/ORoEn7GY83v/uQqkX8uoAxwe9nuGXbyssvj7BQxDPvnwSWrXzUG R59/r1NA4i/EtYNV1ONW2Pntqc5/vv0OGcs1JFM9tazV3aRbgHfCVg== =nQVd -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200803-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Win32 binary codecs: Multiple vulnerabilities Date: March 04, 2008 Bugs: #150288 ID: 200803-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities in the Win32 codecs for Linux may result in the remote execution of arbitrary code. Background ========== Win32 binary codecs provide support for video and audio playback. Workaround ========== There is no known workaround at this time. Resolution ========== All Win32 binary codecs users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/win32codecs-20071007-r2" Note: Since no updated binary versions have been released, the Quicktime libraries have been removed from the package. Please use the free alternative Quicktime implementations within VLC, MPlayer or Xine for playback. References ========== [ 1 ] CVE-2006-4382 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4382 [ 2 ] CVE-2006-4384 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4384 [ 3 ] CVE-2006-4385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4385 [ 4 ] CVE-2006-4386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4386 [ 5 ] CVE-2006-4388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4388 [ 6 ] CVE-2006-4389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4389 [ 7 ] CVE-2007-4674 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4674 [ 8 ] CVE-2007-6166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6166 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200803-08.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Trust: 5.85

sources: NVD: CVE-2006-4385 // CERT/CC: VU#308204 // CERT/CC: VU#200316 // CERT/CC: VU#683700 // CERT/CC: VU#554252 // CERT/CC: VU#540348 // JVNDB: JVNDB-2006-000934 // BID: 19976 // VULHUB: VHN-20493 // PACKETSTORM: 50015 // PACKETSTORM: 50016 // PACKETSTORM: 64267

AFFECTED PRODUCTS

vendor:apple computermodel: - scope: - version: -

Trust: 4.0

vendor:applemodel:quicktimescope:eqversion:7.1.1

Trust: 1.6

vendor:applemodel:quicktimescope:eqversion:7.0.4

Trust: 1.6

vendor:applemodel:quicktimescope:eqversion:7.1.2

Trust: 1.6

vendor:applemodel:quicktimescope:eqversion:7.0.1

Trust: 1.6

vendor:applemodel:quicktimescope:eqversion:7.0.3

Trust: 1.6

vendor:applemodel:quicktimescope:eqversion:7.0.2

Trust: 1.6

vendor:applemodel:quicktimescope:eqversion:7.0

Trust: 1.6

vendor:applemodel:quicktimescope:eqversion:5.0

Trust: 1.0

vendor:applemodel:quicktimescope:eqversion:5.0.1

Trust: 1.0

vendor:applemodel:quicktimescope:eqversion:5.0.2

Trust: 1.0

vendor:applemodel:quicktimescope:eqversion:6.5.1

Trust: 1.0

vendor:applemodel:quicktimescope:eqversion:6.1

Trust: 1.0

vendor:applemodel:quicktimescope:eqversion:6.5.2

Trust: 1.0

vendor:applemodel:quicktimescope:eqversion:6.5

Trust: 1.0

vendor:applemodel:quicktimescope:eqversion:6.0

Trust: 1.0

vendor:applemodel:quicktimescope:eqversion:7.1.3

Trust: 0.8

vendor:gentoomodel:media-libs/win32codecs 20071007-r2scope: - version: -

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1.2

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0.4

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0.3

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0.2

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.0

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:6.5.2

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:6.5.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:6.5

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:6.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:5.0.2

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:7.1

Trust: 0.3

vendor:applemodel:quicktime playerscope:eqversion:6

Trust: 0.3

vendor:applemodel:quicktime playerscope:neversion:7.1.3

Trust: 0.3

sources: CERT/CC: VU#308204 // CERT/CC: VU#200316 // CERT/CC: VU#683700 // CERT/CC: VU#554252 // CERT/CC: VU#540348 // BID: 19976 // JVNDB: JVNDB-2006-000934 // CNNVD: CNNVD-200609-172 // NVD: CVE-2006-4385

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-4385
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#308204
value: 27.00

Trust: 0.8

CARNEGIE MELLON: VU#200316
value: 0.08

Trust: 0.8

CARNEGIE MELLON: VU#683700
value: 2.73

Trust: 0.8

CARNEGIE MELLON: VU#554252
value: 27.00

Trust: 0.8

CARNEGIE MELLON: VU#540348
value: 27.00

Trust: 0.8

CNNVD: CNNVD-200609-172
value: MEDIUM

Trust: 0.6

VULHUB: VHN-20493
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2006-4385
severity: MEDIUM
baseScore: 5.1
vectorString: AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-20493
severity: MEDIUM
baseScore: 5.1
vectorString: AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#308204 // CERT/CC: VU#200316 // CERT/CC: VU#683700 // CERT/CC: VU#554252 // CERT/CC: VU#540348 // VULHUB: VHN-20493 // CNNVD: CNNVD-200609-172 // NVD: CVE-2006-4385

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-4385

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200609-172

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200609-172

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-000934

PATCH

title:HT1338url:http://support.apple.com/kb/HT1338?viewlocale=ja_JP

Trust: 0.8

title:TA24355url:http://support.apple.com/kb/TA24355?viewlocale=ja_JP

Trust: 0.8

title:HT1222url:http://support.apple.com/kb/HT1222?viewlocale=ja_JP

Trust: 0.8

title:QuickTime 7.1.3 Update のセキュリティコンテンツについてurl:http://www.apple.com/jp/ftp-info/reference/quicktime713.html

Trust: 0.8

title:QuickTime - ダウンロード QuickTime Player スタンドアロン版のダウンロードurl:http://www.apple.com/jp/quicktime/download/

Trust: 0.8

title:TA06-256Aurl:http://software.fujitsu.com/jp/security/vulnerabilities/ta06-256a.html

Trust: 0.8

sources: JVNDB: JVNDB-2006-000934

EXTERNAL IDS

db:SECUNIAid:21893

Trust: 4.9

db:CERT/CCid:VU#308204

Trust: 3.6

db:NVDid:CVE-2006-4385

Trust: 3.0

db:BIDid:19976

Trust: 2.0

db:CERT/CCid:VU#683700

Trust: 1.9

db:CERT/CCid:VU#554252

Trust: 1.9

db:CERT/CCid:VU#540348

Trust: 1.9

db:USCERTid:TA06-256A

Trust: 1.7

db:SECTRACKid:1016830

Trust: 1.7

db:SECUNIAid:29182

Trust: 1.7

db:SREASONid:1554

Trust: 1.7

db:OSVDBid:28768

Trust: 1.7

db:VUPENid:ADV-2006-3577

Trust: 1.7

db:CERT/CCid:VU#200316

Trust: 1.1

db:JVNDBid:JVNDB-2006-000934

Trust: 0.8

db:CNNVDid:CNNVD-200609-172

Trust: 0.7

db:GENTOOid:GLSA-200803-08

Trust: 0.6

db:BUGTRAQid:20060913 MULTIPLE VULNERABILITIES IN APPLE QUICKTIME

Trust: 0.6

db:XFid:28932

Trust: 0.6

db:APPLEid:APPLE-SA-2006-09-12

Trust: 0.6

db:VULHUBid:VHN-20493

Trust: 0.1

db:PACKETSTORMid:50015

Trust: 0.1

db:PACKETSTORMid:50016

Trust: 0.1

db:PACKETSTORMid:64267

Trust: 0.1

sources: CERT/CC: VU#308204 // CERT/CC: VU#200316 // CERT/CC: VU#683700 // CERT/CC: VU#554252 // CERT/CC: VU#540348 // VULHUB: VHN-20493 // BID: 19976 // JVNDB: JVNDB-2006-000934 // PACKETSTORM: 50015 // PACKETSTORM: 50016 // PACKETSTORM: 64267 // CNNVD: CNNVD-200609-172 // NVD: CVE-2006-4385

REFERENCES

url:http://docs.info.apple.com/article.html?artnum=304357

Trust: 5.0

url:http://secunia.com/advisories/21893/

Trust: 3.2

url:http://www.kb.cert.org/vuls/id/308204

Trust: 2.8

url:http://www.apple.com/support/downloads/quicktime713.html

Trust: 2.4

url:http://www.apple.com/quicktime/download/standalone.html

Trust: 2.4

url:http://www.us-cert.gov/reading_room/securing_browser/

Trust: 2.4

url:http://security.gentoo.org/glsa/glsa-200803-08.xml

Trust: 1.8

url:http://lists.apple.com/archives/security-announce/2006/sep/msg00000.html

Trust: 1.7

url:http://www.securityfocus.com/bid/19976

Trust: 1.7

url:http://www.osvdb.org/28768

Trust: 1.7

url:http://securitytracker.com/id?1016830

Trust: 1.7

url:http://secunia.com/advisories/21893

Trust: 1.7

url:http://secunia.com/advisories/29182

Trust: 1.7

url:http://securityreason.com/securityalert/1554

Trust: 1.7

url:http://www.us-cert.gov/cas/techalerts/ta06-256a.html

Trust: 1.6

url:http://piotrbania.com/all/adv/quicktime-integer-overflow-h264-adv-7.1.txt

Trust: 1.1

url:http://www.securityfocus.com/archive/1/445888/100/0/threaded

Trust: 1.1

url:http://www.vupen.com/english/advisories/2006/3577

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/28932

Trust: 1.1

url:http://www.kb.cert.org/vuls/id/540348

Trust: 1.1

url:http://www.kb.cert.org/vuls/id/554252

Trust: 1.1

url:http://www.kb.cert.org/vuls/id/683700

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4386

Trust: 0.9

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4385

Trust: 0.9

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4389

Trust: 0.9

url:http://www.cert.org/tech_tips/before_you_plug_in.html

Trust: 0.8

url:http://www.apple.com/quicktime/download/

Trust: 0.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-4382

Trust: 0.8

url:http://jvn.jp/cert/jvnta06-256a/

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4382

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4385

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4389

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4386

Trust: 0.8

url:http://www.cyberpolice.go.jp/important/2006/20060913_173644.html

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/28932

Trust: 0.6

url:http://www.securityfocus.com/archive/1/archive/1/445888/100/0/threaded

Trust: 0.6

url:http://www.frsirt.com/english/advisories/2006/3577

Trust: 0.6

url:http://www.apple.com/quicktime/

Trust: 0.3

url:http://www.kb.cert.org/vuls/id/200316

Trust: 0.3

url:/archive/1/445830

Trust: 0.3

url:/archive/1/445831

Trust: 0.3

url:/archive/1/445888

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2006-4382

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2006-4385

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2006-4384

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2006-4389

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2006-4388

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2006-4386

Trust: 0.2

url:http://docs.info.apple.com/article.html?artnum=304357>

Trust: 0.1

url:http://www.apple.com/support/downloads/quicktime713.html>

Trust: 0.1

url:http://www.apple.com/quicktime/download/standalone.html>

Trust: 0.1

url:http://www.us-cert.gov/legal.html>

Trust: 0.1

url:http://www.kb.cert.org/vuls/byid?searchview&query=quicktime_713>

Trust: 0.1

url:http://docs.info.apple.com/article.html?artnum=106704>

Trust: 0.1

url:http://www.us-cert.gov/cas/techalerts/ta06-256a.html>

Trust: 0.1

url:http://www.us-cert.gov/reading_room/securing_browser/>

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2007-4674

Trust: 0.1

url:http://secunia.com/

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4674

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6166

Trust: 0.1

url:http://bugs.gentoo.org.

Trust: 0.1

url:http://enigmail.mozdev.org

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4384

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2007-6166

Trust: 0.1

url:http://lists.grok.org.uk/full-disclosure-charter.html

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4388

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4382

Trust: 0.1

sources: CERT/CC: VU#308204 // CERT/CC: VU#200316 // CERT/CC: VU#683700 // CERT/CC: VU#554252 // CERT/CC: VU#540348 // VULHUB: VHN-20493 // BID: 19976 // JVNDB: JVNDB-2006-000934 // PACKETSTORM: 50015 // PACKETSTORM: 50016 // PACKETSTORM: 64267 // CNNVD: CNNVD-200609-172 // NVD: CVE-2006-4385

CREDITS

Sowhat smaillist@gmail.com Mike PricePiotr Bania bania.piotr@gmail.com Ruben Santamarta ruben@reversemode.com

Trust: 0.6

sources: CNNVD: CNNVD-200609-172

SOURCES

db:CERT/CCid:VU#308204
db:CERT/CCid:VU#200316
db:CERT/CCid:VU#683700
db:CERT/CCid:VU#554252
db:CERT/CCid:VU#540348
db:VULHUBid:VHN-20493
db:BIDid:19976
db:JVNDBid:JVNDB-2006-000934
db:PACKETSTORMid:50015
db:PACKETSTORMid:50016
db:PACKETSTORMid:64267
db:CNNVDid:CNNVD-200609-172
db:NVDid:CVE-2006-4385

LAST UPDATE DATE

2024-11-27T22:25:32.265000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#308204date:2006-09-13T00:00:00
db:CERT/CCid:VU#200316date:2006-09-15T00:00:00
db:CERT/CCid:VU#683700date:2006-09-13T00:00:00
db:CERT/CCid:VU#554252date:2006-09-13T00:00:00
db:CERT/CCid:VU#540348date:2006-09-13T00:00:00
db:VULHUBid:VHN-20493date:2018-10-17T00:00:00
db:BIDid:19976date:2008-03-04T23:32:00
db:JVNDBid:JVNDB-2006-000934date:2009-04-03T00:00:00
db:CNNVDid:CNNVD-200609-172date:2006-09-14T00:00:00
db:NVDid:CVE-2006-4385date:2024-11-21T00:15:49.783

SOURCES RELEASE DATE

db:CERT/CCid:VU#308204date:2006-09-13T00:00:00
db:CERT/CCid:VU#200316date:2006-09-13T00:00:00
db:CERT/CCid:VU#683700date:2006-09-13T00:00:00
db:CERT/CCid:VU#554252date:2006-09-13T00:00:00
db:CERT/CCid:VU#540348date:2006-09-13T00:00:00
db:VULHUBid:VHN-20493date:2006-09-12T00:00:00
db:BIDid:19976date:2006-09-12T00:00:00
db:JVNDBid:JVNDB-2006-000934date:2009-04-03T00:00:00
db:PACKETSTORMid:50015date:2006-09-14T07:22:52
db:PACKETSTORMid:50016date:2006-09-14T07:23:59
db:PACKETSTORMid:64267date:2008-03-04T22:49:07
db:CNNVDid:CNNVD-200609-172date:2006-09-12T00:00:00
db:NVDid:CVE-2006-4385date:2006-09-12T23:07:00