CVE-2006-3251
hashcash < 1.20 - Heap-based Buffer Overflow via Crafted Entries
Title source: llmDescription
Heap-based buffer overflow in the array_push function in hashcash.c for Hashcash before 1.21 might allow attackers to execute arbitrary code via crafted entries.
References (9)
Core 9
Core References
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2551
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/27422
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20800
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/21146
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200606-25.xml
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2006/dsa-1114
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20846
Various Sources x_refsource_confirm
http://www.hashcash.org/source/CHANGELOG
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/18659
Scores
EPSS
0.0359
EPSS Percentile
88.1%
Details
CWE
CWE-119
Status
published
Products (21)
hashcash/hashcash
1.00
hashcash/hashcash
1.01
hashcash/hashcash
1.02
hashcash/hashcash
1.03
hashcash/hashcash
1.04
hashcash/hashcash
1.05
hashcash/hashcash
1.06
hashcash/hashcash
1.07
hashcash/hashcash
1.08
hashcash/hashcash
1.09
... and 11 more
Published
Jun 27, 2006
Tracked Since
Feb 18, 2026