{"api_version":"1","generated_at":"2026-04-23T17:15:10+00:00","cve":"CVE-2006-1286","urls":{"html":"https://cve.report/CVE-2006-1286","api":"https://cve.report/api/cve/CVE-2006-1286.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-1286","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-1286"},"summary":{"title":"CVE-2006-1286","description":"Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database.","state":"PUBLISHED","assigner":"mitre","published_at":"2006-03-19 23:02:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"2.1","severity":"","vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://securitytracker.com/id?1015733","name":"http://securitytracker.com/id?1015733","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - Symantec Ghost Underlying Database Bugs May Let Local Users Access the Database","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/19171","name":"http://secunia.com/advisories/19171","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Symantec Ghost Multiple Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2006/0870","name":"http://www.vupen.com/english/advisories/2006/0870","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html","name":"http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Symantec Ghost: Local access vulnerabilities in Database","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/25089","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/25089","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-1286","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-1286","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"1286","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"ghost_solutions_suite","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1286","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_ghost","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1286","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_ghost","cpe6":"8.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2006","cve_id":"1286","cve":"CVE-2006-1286","epss":"0.002350000","percentile":"0.464190000","score_date":"2026-04-17","updated_at":"2026-04-18 00:07:15"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T17:03:28.950Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"ghost-dbisqlc-bo(25089)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/25089"},{"name":"1015733","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1015733"},{"name":"19171","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/19171"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"},{"name":"ADV-2006-0870","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/0870"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-03-07T00:00:00.000Z","descriptions":[{"lang":"en","value":"Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-19T15:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"ghost-dbisqlc-bo(25089)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/25089"},{"name":"1015733","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1015733"},{"name":"19171","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/19171"},{"tags":["x_refsource_CONFIRM"],"url":"http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"},{"name":"ADV-2006-0870","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/0870"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-1286","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"ghost-dbisqlc-bo(25089)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/25089"},{"name":"1015733","refsource":"SECTRACK","url":"http://securitytracker.com/id?1015733"},{"name":"19171","refsource":"SECUNIA","url":"http://secunia.com/advisories/19171"},{"name":"http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html","refsource":"CONFIRM","url":"http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html"},{"name":"ADV-2006-0870","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/0870"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2006-1286","datePublished":"2006-03-19T23:00:00.000Z","dateReserved":"2006-03-19T00:00:00.000Z","dateUpdated":"2024-08-07T17:03:28.950Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2006-03-19 23:02:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:ghost_solutions_suite:1.0:*:*:*:*:*:*:*","matchCriteriaId":"5CC78C2D-E376-40C9-A413-E7F1740F8CF1"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_ghost:8.0:*:*:*:*:*:*:*","matchCriteriaId":"7C4506E0-F4FE-43F0-886A-2F18C39934DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_ghost:8.2:*:*:*:*:*:*:*","matchCriteriaId":"48B6AF37-11B3-4F38-B6E9-04FC32A28630"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"1286","Ordinal":"1","Title":"CVE-2006-1286","CVE":"CVE-2006-1286","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"1286","Ordinal":"1","NoteData":"Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database.","Type":"Description","Title":"CVE-2006-1286"},{"CveYear":"2006","CveId":"1286","Ordinal":"2","NoteData":"2006-03-19","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"1286","Ordinal":"3","NoteData":"2017-07-19","Type":"Other","Title":"Modified"}]}}}