CVE-2006-1356

LibVC 3 - Stack-Based Buffer Overflow via Long Line in vCard File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1356. PoCs published by trew.

AI-analyzed exploit summary The exploit demonstrates a buffer overflow vulnerability in LibVC by providing a malformed vCard file with excessive data in the 'F' field. This can lead to a denial of service or potential arbitrary code execution.

Description

Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file (e.g. contacts.vcf) containing a long line.

Exploits (1)

exploitdb WORKING POC VERIFIED
by trew · textdosmultiple
https://www.exploit-db.com/exploits/27474

The exploit demonstrates a buffer overflow vulnerability in LibVC by providing a malformed vCard file with excessive data in the 'F' field. This can lead to a denial of service or potential arbitrary code execution.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: LibVC (version not specified)
No auth needed
Prerequisites: Ability to deliver a malformed vCard file to the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit x_refsource_misc
http://osvdb.org/ref/23/23985-libvc.txt
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25430
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/23985
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19295
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/17237

Scores

EPSS 0.0438
EPSS Percentile 90.0%

Details

Status published
Products (2)
andrew_hsu/libvc 3
andrew_hsu/rolo 11
Published Mar 22, 2006
Tracked Since Feb 18, 2026