Vulnerabilities > CVE-2006-6063 - Remote Buffer Overflow vulnerability in XMPlay Playlist Files

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
un4seen
exploit available
metasploit
NVD
Published: 2006-11-22
Updated: 2017-10-19

Summary

Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allows remote attackers to execute arbitrary code via a M3U file containing a long (1) FileName, and cause a crash via a long (2) DisplayName.

Vulnerable Configurations

Part Description Count
Application
Un4Seen
1

Exploit-Db

  • descriptionXMPlay 3.3.0.4 (ASX Filename) Buffer Overflow. CVE-2006-6063. Local exploit for windows platform
    idEDB-ID:16556
    last seen2016-02-02
    modified2010-05-09
    published2010-05-09
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16556/
    titleXMPlay 3.3.0.4 ASX Filename Buffer Overflow
  • descriptionXMPlay 3.3.0.4 (M3U Filename) Local Buffer Overflow Exploit. CVE-2006-6063. Local exploit for windows platform
    fileexploits/windows/local/2815.c
    idEDB-ID:2815
    last seen2016-01-31
    modified2006-11-20
    platformwindows
    port
    published2006-11-20
    reporterGreg Linares
    sourcehttps://www.exploit-db.com/download/2815/
    titleXMPlay 3.3.0.4 M3U Filename Local Buffer Overflow Exploit
    typelocal

Metasploit

descriptionThis module exploits a stack buffer overflow in XMPlay 3.3.0.4. The vulnerability is caused due to a boundary error within the parsing of playlists containing an overly long file name. This module uses the ASX file format.
idMSF:EXPLOIT/WINDOWS/BROWSER/XMPLAY_ASX
last seen2020-06-13
modified2017-07-24
published2006-11-24
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/browser/xmplay_asx.rb
titleXMPlay 3.3.0.4 (ASX Filename) Buffer Overflow

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/83116/xmplay_asx.rb.txt
idPACKETSTORM:83116
last seen2016-12-05
published2009-11-26
reporterMC
sourcehttps://packetstormsecurity.com/files/83116/XMPlay-3.3.0.4-ASX-Filename-Buffer-Overflow.html
titleXMPlay 3.3.0.4 (ASX Filename) Buffer Overflow

References