Lucene search
HistoryDec 04, 2006 - 11:28 a.m.
CVE-2006-6251
vuplayer
buffer overflow
cve-2006-6251
remote code execution
m3u unc name attack
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
High
0.86 High
EPSS
Percentile
98.6%
Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote attackers to execute arbitrary code via a long string in an M3U file, aka an “M3U UNC Name” attack.
Affected configurations
Node
vuplayervuplayerRange≤2.44
| CPE | Name | Operator | Version |
|---|---|---|---|
| vuplayer:vuplayer | vuplayer | le | 2.44 |
Related
nvd
nvd
CVE-2006-6251
2006-12-04 11:28:00
packetstorm
packetstorm
vuplayer_bof.pl.txt
2008-08-18 00:00:00
VUPlayer M3U Buffer Overflow
2009-11-26 00:00:00
zeroscience
zeroscience
VUPlayer 2.49 M3U Playlist File Remote Buffer Overflow Exploit
2008-08-18 00:00:00
cvelist
cvelist
CVE-2006-6251
2006-12-04 11:00:00
cert
cert
VUPlayer malformed playlist buffer overflow
2007-09-06 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
High
0.86 High
EPSS
Percentile
98.6%
Related for CVE-2006-6251