{"api_version":"1","generated_at":"2026-05-13T11:01:21+00:00","cve":"CVE-2006-5966","urls":{"html":"https://cve.report/CVE-2006-5966","api":"https://cve.report/api/cve/CVE-2006-5966.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-5966","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-5966"},"summary":{"title":"CVE-2006-5966","description":"Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to (1) reboot the system using the Reinicializar method in the ActiveScan.1 ActiveX control, or (2) determine arbitrary file existence and size via the ObtenerTamano method in the PAVPZ.SOS.1 ActiveX control.","state":"PUBLISHED","assigner":"flexera","published_at":"2006-11-17 22:07:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-399","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"6.4","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:N/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:P","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://www.vupen.com/english/advisories/2006/4536","name":"http://www.vupen.com/english/advisories/2006/4536","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/21132","name":"http://www.securityfocus.com/bid/21132","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Panda ActiveScan ActiveX Controls Multiple Remote Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securityfocus.com/archive/1/451864/100/0/threaded","name":"http://www.securityfocus.com/archive/1/451864/100/0/threaded","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/21763","name":"http://secunia.com/advisories/21763","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Panda ActiveScan Multiple Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/secunia_research/2006-64/advisory/","name":"http://secunia.com/secunia_research/2006-64/advisory/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Panda ActiveScan Multiple Vulnerabilities - Secunia Research - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30317","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30317","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30318","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30318","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-5966","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-5966","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"5966","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"panda","cpe5":"activescan","cpe6":"5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"5966","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"panda","cpe5":"activescan","cpe6":"5.53.00","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T20:12:31.012Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"pandaactivescan-pavpz-info-disclosure(30318)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30318"},{"name":"21763","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/21763"},{"name":"21132","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/21132"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://secunia.com/secunia_research/2006-64/advisory/"},{"name":"ADV-2006-4536","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/4536"},{"name":"20061116 Secunia Research: Panda ActiveScan Multiple Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/451864/100/0/threaded"},{"name":"pandaactivescan-activescan-dos(30317)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30317"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-11-16T00:00:00.000Z","descriptions":[{"lang":"en","value":"Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to (1) reboot the system using the Reinicializar method in the ActiveScan.1 ActiveX control, or (2) determine arbitrary file existence and size via the ObtenerTamano method in the PAVPZ.SOS.1 ActiveX control."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-17T20:57:01.000Z","orgId":"44d08088-2bea-4760-83a6-1e9be26b15ab","shortName":"flexera"},"references":[{"name":"pandaactivescan-pavpz-info-disclosure(30318)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30318"},{"name":"21763","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/21763"},{"name":"21132","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/21132"},{"tags":["x_refsource_MISC"],"url":"http://secunia.com/secunia_research/2006-64/advisory/"},{"name":"ADV-2006-4536","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/4536"},{"name":"20061116 Secunia Research: Panda ActiveScan Multiple Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/451864/100/0/threaded"},{"name":"pandaactivescan-activescan-dos(30317)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30317"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"PSIRT-CNA@flexerasoftware.com","ID":"CVE-2006-5966","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to (1) reboot the system using the Reinicializar method in the ActiveScan.1 ActiveX control, or (2) determine arbitrary file existence and size via the ObtenerTamano method in the PAVPZ.SOS.1 ActiveX control."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"pandaactivescan-pavpz-info-disclosure(30318)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30318"},{"name":"21763","refsource":"SECUNIA","url":"http://secunia.com/advisories/21763"},{"name":"21132","refsource":"BID","url":"http://www.securityfocus.com/bid/21132"},{"name":"http://secunia.com/secunia_research/2006-64/advisory/","refsource":"MISC","url":"http://secunia.com/secunia_research/2006-64/advisory/"},{"name":"ADV-2006-4536","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/4536"},{"name":"20061116 Secunia Research: Panda ActiveScan Multiple Vulnerabilities","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/451864/100/0/threaded"},{"name":"pandaactivescan-activescan-dos(30317)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30317"}]}}}},"cveMetadata":{"assignerOrgId":"44d08088-2bea-4760-83a6-1e9be26b15ab","assignerShortName":"flexera","cveId":"CVE-2006-5966","datePublished":"2006-11-17T22:00:00.000Z","dateReserved":"2006-11-17T00:00:00.000Z","dateUpdated":"2024-08-07T20:12:31.012Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2006-11-17 22:07:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-399","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:P","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:panda:activescan:5.0:*:*:*:*:*:*:*","matchCriteriaId":"5AE78593-0DC5-47C1-9624-5E304A7215B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:panda:activescan:5.53.00:*:*:*:*:*:*:*","matchCriteriaId":"AA17277C-337F-4AE0-B92B-C572EEFCAF83"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"5966","Ordinal":"1","Title":"CVE-2006-5966","CVE":"CVE-2006-5966","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"5966","Ordinal":"1","NoteData":"Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to (1) reboot the system using the Reinicializar method in the ActiveScan.1 ActiveX control, or (2) determine arbitrary file existence and size via the ObtenerTamano method in the PAVPZ.SOS.1 ActiveX control.","Type":"Description","Title":"CVE-2006-5966"},{"CveYear":"2006","CveId":"5966","Ordinal":"2","NoteData":"2006-11-17","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"5966","Ordinal":"3","NoteData":"2018-10-17","Type":"Other","Title":"Modified"}]}}}