Stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device driver 3.50.21.10, as used in Cisco Linksys WPC300N Wireless-N Notebook Adapter before 4.100.15.5 and other products, allows remote attackers to execute arbitrary code via an 802.11 response frame containing a long SSID field.
https://exchange.xforce.ibmcloud.com/vulnerabilities/30202
http://www.vupen.com/english/advisories/2006/4460
http://www.vupen.com/english/advisories/2006/4459
http://www.kb.cert.org/vuls/id/MAPG-6VGNHW
http://www.kb.cert.org/vuls/id/209376
http://securitytracker.com/id?1017212