Unrated severityNVD Advisory· Published Apr 25, 2006· Updated Apr 16, 2026

CVE-2006-2007

Description

Heap-based buffer overflow in Winny 2.0 b7.1 and earlier allows remote attackers to execute arbitrary code via long strings to certain commands sent to the file transfer port.

Affected products

Winny/Winny2 versions
cpe:2.3:a:winny:winny:2.0b5.7:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:winny:winny:2.0b5.7:*:*:*:*:*:*:*
- cpe:2.3:a:winny:winny:2.0b7.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/19795nvdVendor Advisory
www.eeye.com/html/research/advisories/AD20060421.htmlnvdVendor Advisory
www.kb.cert.org/vuls/id/167033nvdUS Government Resource
jvn.jp/jp/JVN%2374294680/index.htmlnvd
www.osvdb.org/24883nvd
www.securityfocus.com/bid/17666nvd
www.vupen.com/english/advisories/2006/1486nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25986nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.009
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000