Vulnerability-Lookup

CVE-2006-1176 (GCVE-0-2006-1176)

Vulnerability from cvelistv5 – Published: 2006-07-08 00:00 – Updated: 2024-08-07 17:03

Summary

Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup & Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document.

Severity ?

No CVSS data available.

CWE

Assigner

certcc

References

URL

Tags

	http://secunia.com/advisories/20969	third-party-advisoryx_refsource_SECUNIA
	http://securitytracker.com/id?1016445	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/597721	third-party-advisoryx_refsource_CERT-VN
	http://www.securityfocus.com/bid/18921	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2006/2698	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.kb.cert.org/vuls/id/MIMG-6QKPVH	x_refsource_CONFIRM

Date Public ?

2006-07-06 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:03:28.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20969",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20969"
          },
          {
            "name": "1016445",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016445"
          },
          {
            "name": "VU#597721",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/597721"
          },
          {
            "name": "18921",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18921"
          },
          {
            "name": "ADV-2006-2698",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2698"
          },
          {
            "name": "ebay-epuimagecontrol-bo(27631)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "20969",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20969"
        },
        {
          "name": "1016445",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016445"
        },
        {
          "name": "VU#597721",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/597721"
        },
        {
          "name": "18921",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18921"
        },
        {
          "name": "ADV-2006-2698",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2698"
        },
        {
          "name": "ebay-epuimagecontrol-bo(27631)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2006-1176",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20969",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20969"
            },
            {
              "name": "1016445",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016445"
            },
            {
              "name": "VU#597721",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/597721"
            },
            {
              "name": "18921",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18921"
            },
            {
              "name": "ADV-2006-2698",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2698"
            },
            {
              "name": "ebay-epuimagecontrol-bo(27631)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
            },
            {
              "name": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH",
              "refsource": "CONFIRM",
              "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2006-1176",
    "datePublished": "2006-07-08T00:00:00.000Z",
    "dateReserved": "2006-03-12T00:00:00.000Z",
    "dateUpdated": "2024-08-07T17:03:28.323Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2006-1176",
      "date": "2026-04-25",
      "epss": "0.06172",
      "percentile": "0.90873"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ebay:enhanced_picture_services:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.3.36\", \"matchCriteriaId\": \"C430372F-FABF-414E-92FC-4AF39F9027CB\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de B\\u00fafer en eBay Enhanced Picture Services (tambi\\u00e9n conocido como EPUImageControl Class) de EUPWALcontrol.dll versiones anteriores a 1.0.3.48, como se usa en Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader y CARad.com Add Vehicle, permite a atacantes remotos ejecutar c\\u00f3digo de su elecci\\u00f3n mediante un documento HTML manipulado.\"}]",
      "id": "CVE-2006-1176",
      "lastModified": "2024-11-21T00:08:14.913",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": true, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2006-07-08T00:05:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/20969\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://securitytracker.com/id?1016445\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/597721\", \"source\": \"cret@cert.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/MIMG-6QKPVH\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://www.securityfocus.com/bid/18921\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/2698\", \"source\": \"cret@cert.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/27631\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://secunia.com/advisories/20969\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1016445\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/597721\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.kb.cert.org/vuls/id/MIMG-6QKPVH\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/18921\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/2698\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/27631\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cret@cert.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-1176\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2006-07-08T00:05:00.000\",\"lastModified\":\"2026-04-16T00:27:16.627\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de B\u00fafer en eBay Enhanced Picture Services (tambi\u00e9n conocido como EPUImageControl Class) de EUPWALcontrol.dll versiones anteriores a 1.0.3.48, como se usa en Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader y CARad.com Add Vehicle, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un documento HTML manipulado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ebay:enhanced_picture_services:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.3.36\",\"matchCriteriaId\":\"C430372F-FABF-414E-92FC-4AF39F9027CB\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/20969\",\"source\":\"cret@cert.org\"},{\"url\":\"http://securitytracker.com/id?1016445\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/597721\",\"source\":\"cret@cert.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/MIMG-6QKPVH\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securityfocus.com/bid/18921\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/2698\",\"source\":\"cret@cert.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27631\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/20969\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016445\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/597721\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/MIMG-6QKPVH\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/18921\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/2698\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27631\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GSD-2006-1176

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2006-1176

Aliases

CVE-2006-1176

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-1176",
    "description": "Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document.",
    "id": "GSD-2006-1176"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-1176"
      ],
      "details": "Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document.",
      "id": "GSD-2006-1176",
      "modified": "2023-12-13T01:19:55.535647Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
        "ID": "CVE-2006-1176",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20969",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20969"
          },
          {
            "name": "1016445",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016445"
          },
          {
            "name": "VU#597721",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/597721"
          },
          {
            "name": "18921",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/18921"
          },
          {
            "name": "ADV-2006-2698",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/2698"
          },
          {
            "name": "ebay-epuimagecontrol-bo(27631)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
          },
          {
            "name": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH",
            "refsource": "CONFIRM",
            "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ebay:enhanced_picture_services:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.0.3.36",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2006-1176"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
            },
            {
              "name": "VU#597721",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/597721"
            },
            {
              "name": "1016445",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016445"
            },
            {
              "name": "20969",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20969"
            },
            {
              "name": "18921",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/18921"
            },
            {
              "name": "ADV-2006-2698",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/2698"
            },
            {
              "name": "ebay-epuimagecontrol-bo(27631)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": true,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-20T01:30Z",
      "publishedDate": "2006-07-08T00:05Z"
    }
  }
}

GHSA-C3XG-4QMH-R995

Vulnerability from github – Published: 2022-05-01 06:46 – Updated: 2022-05-01 06:46

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-1176"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-07-08T00:05:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document.",
  "id": "GHSA-c3xg-4qmh-r995",
  "modified": "2022-05-01T06:46:46Z",
  "published": "2022-05-01T06:46:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1176"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20969"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016445"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/597721"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/18921"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/2698"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2006-1176

Vulnerability from fkie_nvd - Published: 2006-07-08 00:05 - Updated: 2026-04-16 00:27

Severity ?

Summary

References

URL	Tags
cret@cert.org	http://secunia.com/advisories/20969
cret@cert.org	http://securitytracker.com/id?1016445
cret@cert.org	http://www.kb.cert.org/vuls/id/597721	US Government Resource
cret@cert.org	http://www.kb.cert.org/vuls/id/MIMG-6QKPVH
cret@cert.org	http://www.securityfocus.com/bid/18921
cret@cert.org	http://www.vupen.com/english/advisories/2006/2698
cret@cert.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/27631
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20969
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016445
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/597721	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/MIMG-6QKPVH
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/18921
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2698
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/27631

Impacted products

	Vendor	Product	Version
	ebay	enhanced_picture_services	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ebay:enhanced_picture_services:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C430372F-FABF-414E-92FC-4AF39F9027CB",
              "versionEndIncluding": "1.0.3.36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in eBay Enhanced Picture Services (aka EPUImageControl Class) in EUPWALcontrol.dll before 1.0.3.48, as used in Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader, and CARad.com Add Vehicle, allows remote attackers to execute arbitrary code via a crafted HTML document."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de B\u00fafer en eBay Enhanced Picture Services (tambi\u00e9n conocido como EPUImageControl Class) de EUPWALcontrol.dll versiones anteriores a 1.0.3.48, como se usa en Sell Your Item (SYI), Setup \u0026 Test eBay Enhanced Picture Services, Picture Manager Enhanced Uploader y CARad.com Add Vehicle, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un documento HTML manipulado."
    }
  ],
  "id": "CVE-2006-1176",
  "lastModified": "2026-04-16T00:27:16.627",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-07-08T00:05:00.000",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "http://secunia.com/advisories/20969"
    },
    {
      "source": "cret@cert.org",
      "url": "http://securitytracker.com/id?1016445"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/597721"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securityfocus.com/bid/18921"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.vupen.com/english/advisories/2006/2698"
    },
    {
      "source": "cret@cert.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20969"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/597721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kb.cert.org/vuls/id/MIMG-6QKPVH"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/18921"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/2698"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27631"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2006-1176 (GCVE-0-2006-1176)

GSD-2006-1176

GHSA-C3XG-4QMH-R995

FKIE_CVE-2006-1176

Tags

Sightings

Nomenclature