Moderate severityNVD Advisory· Published May 18, 2006· Updated Apr 16, 2026
CVE-2006-2458
CVE-2006-2458
Description
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c).
Affected products
1- cpe:2.3:a:libextractor:libextractor:0.5.13:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
19- secunia.com/advisories/20150nvdPatchVendor Advisory
- securitytracker.com/idnvdExploitPatch
- www.securityfocus.com/bid/18021nvdExploitPatch
- github.com/advisories/GHSA-f836-7jqw-3684ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2006-2458ghsaADVISORY
- gnunet.org/libextractorghsaWEB
- www.debian.org/security/2006/dsa-1081nvdWEB
- www.gentoo.org/security/en/glsa/glsa-200605-14.xmlnvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/26531nvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/26532nvdWEB
- github.com/pypa/advisory-database/tree/main/vulns/extractor/PYSEC-2006-4.yamlghsaWEB
- gnunet.org/libextractor/nvd
- secunia.com/advisories/20160nvd
- secunia.com/advisories/20326nvd
- secunia.com/advisories/20457nvd
- securityreason.com/securityalert/916nvd
- www.novell.com/linux/security/advisories/2006-06-02.htmlnvd
- www.securityfocus.com/archive/1/434288/100/0/threadednvd
- www.vupen.com/english/advisories/2006/1848nvd
News mentions
0No linked articles in our index yet.