Unrated severityNVD Advisory· Published Jul 27, 2006· Updated Apr 16, 2026

CVE-2006-3901

Description

Multiple stack-based buffer overflows in Tumbleweed Email Firewall (EMF) allow remote attackers to execute arbitrary code via an email attachment with an LHA archive that contains a (1) file or (2) directory with a long LHA extended header, (3) an LHA archive in which the "temporary pathname" field for decompressed output is greater than 2 bytes, or (4) an LHA archive with a long filename.

Affected products

Tumbleweed/Mailgate Email Firewall
cpe:2.3:a:tumbleweed:mailgate_email_firewall:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/21194nvdVendor Advisory
www.hustlelabs.com/advisories/04072006_tweed.pdfnvdVendor Advisory
marc.infonvd
www.osvdb.org/27495nvd
www.securityfocus.com/archive/1/441497/100/0/threadednvd
www.securityfocus.com/bid/19146nvd
www.vupen.com/english/advisories/2006/2970nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000