Lucene search

[email protected]CVE-2006-6261

HistoryDec 04, 2006 - 11:28 a.m.

CVE-2006-6261

2006-12-0411:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-6261

buffer overflow

quintessential player

denial of service

remote attackers

arbitrary code

crafted files

8.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.029 Low

EPSS

Percentile

90.7%

JSON

Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), © Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields.

CPENameOperatorVersion
quinnware:quintessential_playerquinnware quintessential playerle4.50.1.82

CPE	Name	Operator	Version
quinnware:quintessential_player	quinnware quintessential player	le	4.50.1.82

References

www.securityfocus.com/bid/21331

exchange.xforce.ibmcloud.com/vulnerabilities/30559

www.exploit-db.com/exploits/2860

8.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.029 Low

EPSS

Percentile

90.7%

JSON