CVE-2006-4046

2006-08-0923:00:00

mitre

www.cve.org

7.8 High

AI Score

Confidence

High

0.32 Low

EPSS

Percentile

97.0%

JSON

Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows, and 0.1.10_rc5 and earlier on Linux/BSD, allow remote attackers to execute arbitrary code via (1) a large .S3M file handled by the mpLoadS3M function, (2) a crafted .IT file handled by the itplayerclass::module::load function, (3) a crafted .ULT file handled by the mpLoadULT function, or (4) a crafted .AMS file handled by the mpLoadAMS function.

References

aluigi.altervista.org/adv/ocpbof-adv.txt

secunia.com/advisories/21267

securityreason.com/securityalert/1349

securitytracker.com/id?1016611

www.securityfocus.com/archive/1/441730/100/100/threaded

www.securityfocus.com/bid/19262

www.vupen.com/english/advisories/2006/3078

exchange.xforce.ibmcloud.com/vulnerabilities/28103

exchange.xforce.ibmcloud.com/vulnerabilities/28104

exchange.xforce.ibmcloud.com/vulnerabilities/28105

exchange.xforce.ibmcloud.com/vulnerabilities/28106

www.exploit-db.com/exploits/2094