CVE-2006-2086

Junipersetup Control - Buffer Overflow

Title source: rule

Description

Buffer overflow in JuniperSetupDLL.dll, loaded from JuniperSetup.ocx by the Juniper SSL-VPN Client when accessing a Juniper NetScreen IVE device running IVE OS before 4.2r8.1, 5.0 before 5.0r6.1, 5.1 before 5.1r8, 5.2 before 5.2r4.1, or 5.3 before 5.3r2.1, allows remote attackers to execute arbitrary code via a long argument in the ProductName parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16568
metasploit WORKING POC NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/juniper_sslvpn_ive_setupdll.rb

References (11)

Scores

EPSS 0.7733
EPSS Percentile 99.0%

Details

Status published
Products (1)
juniper/junipersetup_control
Published Apr 29, 2006
Tracked Since Feb 18, 2026