VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-t1f2-zvr7-fucy

Essentials
Severities (41)
References (20)
Severity details (32)
Exploits (1)
EPSS
History (1)

Vulnerability ID	VCID-t1f2-zvr7-fucy
Aliases	CVE-2006-2362
Summary	Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character.
Status	Published
Exploitability	2.0
Weighted Severity	6.6
Risk	10.0
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
cvssv3.1	7.3	http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html
ssvc	Track	http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html
epss	0.05512	https://api.first.org/data/v1/epss?cve=CVE-2006-2362
epss	0.05512	https://api.first.org/data/v1/epss?cve=CVE-2006-2362
epss	0.05512	https://api.first.org/data/v1/epss?cve=CVE-2006-2362
epss	0.05512	https://api.first.org/data/v1/epss?cve=CVE-2006-2362
epss	0.05512	https://api.first.org/data/v1/epss?cve=CVE-2006-2362
epss	0.05512	https://api.first.org/data/v1/epss?cve=CVE-2006-2362
epss	0.05512	https://api.first.org/data/v1/epss?cve=CVE-2006-2362
epss	0.05512	https://api.first.org/data/v1/epss?cve=CVE-2006-2362
epss	0.05512	https://api.first.org/data/v1/epss?cve=CVE-2006-2362
cvssv3.1	7.3	http://secunia.com/advisories/20188
ssvc	Track	http://secunia.com/advisories/20188
cvssv3.1	7.3	http://secunia.com/advisories/20531
ssvc	Track	http://secunia.com/advisories/20531
cvssv3.1	7.3	http://secunia.com/advisories/20550
ssvc	Track	http://secunia.com/advisories/20550
cvssv3.1	7.3	http://secunia.com/advisories/22932
ssvc	Track	http://secunia.com/advisories/22932
cvssv3.1	7.3	http://secunia.com/advisories/27441
ssvc	Track	http://secunia.com/advisories/27441
cvssv3.1	7.3	https://exchange.xforce.ibmcloud.com/vulnerabilities/26644
ssvc	Track	https://exchange.xforce.ibmcloud.com/vulnerabilities/26644
cvssv3.1	7.3	http://sourceware.org/bugzilla/show_bug.cgi?id=2584
ssvc	Track	http://sourceware.org/bugzilla/show_bug.cgi?id=2584
cvssv3.1	7.3	http://www.mail-archive.com/bug-binutils%40gnu.org/msg01516.html
ssvc	Track	http://www.mail-archive.com/bug-binutils%40gnu.org/msg01516.html
cvssv3.1	7.3	http://www.novell.com/linux/security/advisories/2006_26_sr.html
ssvc	Track	http://www.novell.com/linux/security/advisories/2006_26_sr.html
cvssv3.1	7.3	http://www.securityfocus.com/bid/17950
ssvc	Track	http://www.securityfocus.com/bid/17950
cvssv3.1	7.3	http://www.securitytracker.com/id?1018872
ssvc	Track	http://www.securitytracker.com/id?1018872
cvssv3.1	7.3	http://www.trustix.org/errata/2006/0034/
ssvc	Track	http://www.trustix.org/errata/2006/0034/
cvssv3.1	7.3	http://www.ubuntu.com/usn/usn-292-1
ssvc	Track	http://www.ubuntu.com/usn/usn-292-1
cvssv3.1	7.3	http://www.vupen.com/english/advisories/2006/1924
ssvc	Track	http://www.vupen.com/english/advisories/2006/1924
cvssv3.1	7.3	http://www.vupen.com/english/advisories/2007/3665
ssvc	Track	http://www.vupen.com/english/advisories/2007/3665

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2006-2362
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2362
0034		http://www.trustix.org/errata/2006/0034/
17950		http://www.securityfocus.com/bid/17950
1924		http://www.vupen.com/english/advisories/2006/1924
20188		http://secunia.com/advisories/20188
20531		http://secunia.com/advisories/20531
20550		http://secunia.com/advisories/20550
26644		https://exchange.xforce.ibmcloud.com/vulnerabilities/26644
27441		http://secunia.com/advisories/27441
3665		http://www.vupen.com/english/advisories/2007/3665
368237		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=368237
CVE-2006-2362;OSVDB-25711	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27856.txt
CVE-2006-2362;OSVDB-25711	Exploit	https://www.securityfocus.com/bid/17950/info
id?1018872		http://www.securitytracker.com/id?1018872
msg00001.html		http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html
msg01516.html		http://www.mail-archive.com/bug-binutils%40gnu.org/msg01516.html
show_bug.cgi?id=2584		http://sourceware.org/bugzilla/show_bug.cgi?id=2584
usn-292-1		http://www.ubuntu.com/usn/usn-292-1
USN-292-1		https://usn.ubuntu.com/292-1/

Data source	Exploit-DB
Date added	May 11, 2006
Description	GNU BinUtils 2.1x - Buffer Overflow
Ransomware campaign use	Known
Source publication date	May 11, 2006
Exploit type	dos
Platform	linux
Source update date	Aug. 25, 2013
Source URL	https://www.securityfocus.com/bid/17950/info

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://secunia.com/advisories/20188

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://secunia.com/advisories/20188

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://secunia.com/advisories/20531

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://secunia.com/advisories/20531

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://secunia.com/advisories/20550

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://secunia.com/advisories/20550

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://secunia.com/advisories/22932

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://secunia.com/advisories/22932

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://secunia.com/advisories/27441

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://secunia.com/advisories/27441

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://exchange.xforce.ibmcloud.com/vulnerabilities/26644

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at https://exchange.xforce.ibmcloud.com/vulnerabilities/26644

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://sourceware.org/bugzilla/show_bug.cgi?id=2584

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://sourceware.org/bugzilla/show_bug.cgi?id=2584

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://www.mail-archive.com/bug-binutils%40gnu.org/msg01516.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://www.mail-archive.com/bug-binutils%40gnu.org/msg01516.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://www.novell.com/linux/security/advisories/2006_26_sr.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://www.novell.com/linux/security/advisories/2006_26_sr.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://www.securityfocus.com/bid/17950

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://www.securityfocus.com/bid/17950

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://www.securitytracker.com/id?1018872

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://www.securitytracker.com/id?1018872

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://www.trustix.org/errata/2006/0034/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://www.trustix.org/errata/2006/0034/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://www.ubuntu.com/usn/usn-292-1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://www.ubuntu.com/usn/usn-292-1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://www.vupen.com/english/advisories/2006/1924

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://www.vupen.com/english/advisories/2006/1924

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Found at http://www.vupen.com/english/advisories/2007/3665

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-16T20:05:43Z/ Found at http://www.vupen.com/english/advisories/2007/3665

Exploit Prediction Scoring System (EPSS)

Percentile	0.90196
EPSS Score	0.05512
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T16:30:11.407691+00:00	Debian Oval Importer	Import	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.0.0