Unrated severityNVD Advisory· Published Sep 20, 2006· Updated Apr 16, 2026

CVE-2006-4438

Description

Heap-based buffer overflow in SpIDer for Dr.Web Scanner for Linux 4.33, and possibly earlier versions, allows remote attackers to execute arbitrary code via an LHA archive with an extended header that contains a long directory name.

Affected products

Doctor Web Ltd/Dr.web
cpe:2.3:a:doctor_web_ltd:dr.web:*:*:*:*:*:*:*:*
Range: <=4.33_for_linux

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/22019nvdVendor Advisory
lists.grok.org.uk/pipermail/full-disclosure/2006-October/049552.htmlnvd
www.securityfocus.com/bid/20119nvd
www.vupen.com/english/advisories/2006/3719nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000