Vulnerabilities > CVE-2006-6063 - Unspecified vulnerability in Un4Seen Xmplay
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allows remote attackers to execute arbitrary code via a M3U file containing a long (1) FileName, and cause a crash via a long (2) DisplayName.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description XMPlay 3.3.0.4 (ASX Filename) Buffer Overflow. CVE-2006-6063. Local exploit for windows platform id EDB-ID:16556 last seen 2016-02-02 modified 2010-05-09 published 2010-05-09 reporter metasploit source https://www.exploit-db.com/download/16556/ title XMPlay 3.3.0.4 ASX Filename Buffer Overflow description XMPlay 3.3.0.4 (M3U Filename) Local Buffer Overflow Exploit. CVE-2006-6063. Local exploit for windows platform file exploits/windows/local/2815.c id EDB-ID:2815 last seen 2016-01-31 modified 2006-11-20 platform windows port published 2006-11-20 reporter Greg Linares source https://www.exploit-db.com/download/2815/ title XMPlay 3.3.0.4 M3U Filename Local Buffer Overflow Exploit type local
Metasploit
| description | This module exploits a stack buffer overflow in XMPlay 3.3.0.4. The vulnerability is caused due to a boundary error within the parsing of playlists containing an overly long file name. This module uses the ASX file format. |
| id | MSF:EXPLOIT/WINDOWS/BROWSER/XMPLAY_ASX |
| last seen | 2020-06-13 |
| modified | 2017-07-24 |
| published | 2006-11-24 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/browser/xmplay_asx.rb |
| title | XMPlay 3.3.0.4 (ASX Filename) Buffer Overflow |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/83116/xmplay_asx.rb.txt |
| id | PACKETSTORM:83116 |
| last seen | 2016-12-05 |
| published | 2009-11-26 |
| reporter | MC |
| source | https://packetstormsecurity.com/files/83116/XMPlay-3.3.0.4-ASX-Filename-Buffer-Overflow.html |
| title | XMPlay 3.3.0.4 (ASX Filename) Buffer Overflow |
References
- http://secunia.com/advisories/22999
- http://secunia.com/advisories/22999
- http://www.securityfocus.com/bid/21206
- http://www.securityfocus.com/bid/21206
- http://www.vupen.com/english/advisories/2006/4636
- http://www.vupen.com/english/advisories/2006/4636
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30436
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30436
- https://www.exploit-db.com/exploits/2815
- https://www.exploit-db.com/exploits/2815