CVE-2006-1356
Description
Stack-based buffer overflow in the count_vcards function in LibVC 3, as used in Rolo, allows user-assisted attackers to execute arbitrary code via a vCard file (e.g. contacts.vcf) containing a long line.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.
✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
LibVC - '.VCard' 003 Processing Buffer Overflow
source: https://www.securityfocus.com/bid/17237/info
LibVC is prone to a buffer-overflow vulnerability. This issue is due to a failure in the library to perform proper bounds checks on user-supplied data before using it in a finite-sized buffer.
The issue occurs when the application handles excessive data supplied with a vcard file.
An attacker can exploit this issue to crash the affected library, effectively denying service. Arbitrary code execution is also possible, which may facilitate a compromise of the underlying system.
The following proof of concept is available:
[example file]
BEGIN:VCARD
VERSION:3.0
F:<bunch of a's>
N:;
END:VCARD
[/example file]OS impact
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 003-4 |
| sid | Fixed | 003-4 |
| forky | Fixed | 003-4 |
| bullseye | Fixed | 003-4 |
| bookworm | Fixed | 003-4 |
References
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.