CVE-2006-6293

F-Prot Antivirus <4.6.7 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-6293. PoCs published by Evgeny Legerov.

AI-analyzed exploit summary This exploit generates a malformed .CHM file that triggers a heap overflow in F-Prot 4.6.6 when scanned. The overflow occurs due to incorrect handling of the block_len field in the ITSP section.

Description

Heap-based buffer overflow in FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remote attackers to execute arbitrary code via a crafted CHM file. NOTE: this issue has at least a partial overlap with CVE-2006-6294.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Evgeny Legerov · pythondoslinux

https://www.exploit-db.com/exploits/2893

View Code ZIP pw:eip

This exploit generates a malformed .CHM file that triggers a heap overflow in F-Prot 4.6.6 when scanned. The overflow occurs due to incorrect handling of the block_len field in the ITSP section.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: F-Prot Antivirus 4.6.6

No auth needed

Prerequisites: F-Prot 4.6.6 installed · Ability to deliver a malicious .CHM file to the target system

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (13)

Core 13

Core References

Exploit x_refsource_misc

http://gleg.net/vulndisco_meta.shtml

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23328

Various Sources x_refsource_confirm

http://www.f-prot.com/news/gen_news/061201_release_unix467.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/22879

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/30406

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1017331

Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/21086

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/453475/100/0/threaded

Various Sources x_refsource_misc

http://gleg.net/fprot.txt

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200612-12.xml

Mailing List mailing-list x_refsource_fulldisc

http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051096.html

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/4830

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/2893

Scores

EPSS 0.1585

EPSS Percentile 96.5%

Details

CWE

CWE-119

Status published

Products (25)

f-prot/f-prot_antivirus 3.11b

f-prot/f-prot_antivirus 3.12

f-prot/f-prot_antivirus 3.12a

f-prot/f-prot_antivirus 3.12b

f-prot/f-prot_antivirus 3.12c

f-prot/f-prot_antivirus 3.12d

f-prot/f-prot_antivirus 3.13

f-prot/f-prot_antivirus 3.13a

f-prot/f-prot_antivirus 3.14

f-prot/f-prot_antivirus 3.14a

... and 15 more

Published Dec 05, 2006

Tracked Since Feb 18, 2026