CVE-2006-6288 - Vulnerability Details - OpenCVE

ReportizFlow

Multiple buffer overflows in Niek Albers CoolPlayer 216 and earlier allow remote attackers to execute arbitrary code via (1) a playlist file with long song names, because of an overflow in the CPL_AddPrefixedFile function in CPI_Playlist.c; (2) a skin file with long button names, because of an overflow in the main_skin_check_ini_value function in skin.c; and (3) a skin file with long bitmap filenames, because of an overflow in the main_skin_open function in skin.c.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Niek Albers	Coolplayer

Configuration 1 [-]

cpe:2.3:a:niek_albers:coolplayer:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://coolplayer.cvs.sourceforge.net/coolplayer/Main/stdafx.h?view=log
http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051269.html
http://secunia.com/advisories/23360
http://sourceforge.net/project/shownotes.php?group_id=31900&release_id=467783
http://www.securityfocus.com/archive/1/485547/100/100/threaded
http://www.securityfocus.com/archive/1/485564/100/100/threaded
http://www.securityfocus.com/archive/1/485578/100/100/threaded
http://www.securityfocus.com/bid/21396
http://www.vupen.com/english/advisories/2006/4806
https://exchange.xforce.ibmcloud.com/vulnerabilities/30658
https://exchange.xforce.ibmcloud.com/vulnerabilities/30861
https://exchange.xforce.ibmcloud.com/vulnerabilities/30863
https://www.exploit-db.com/exploits/4839

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-12-04T11:00:00

Updated: 2024-08-07T20:19:35.198Z

Reserved: 2006-12-04T00:00:00

Link: CVE-2006-6288

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-12-04T11:28:00.000

Modified: 2024-11-21T00:22:21.320

Link: CVE-2006-6288

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-12-01T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in Niek Albers CoolPlayer 216 and earlier allow remote attackers to execute arbitrary code via (1) a playlist file with long song names, because of an overflow in the CPL_AddPrefixedFile function in CPI_Playlist.c; (2) a skin file with long button names, because of an overflow in the main_skin_check_ini_value function in skin.c; and (3) a skin file with long bitmap filenames, because of an overflow in the main_skin_open function in skin.c."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "coolplayer-mainskinopen-bo(30863)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30863"}, {"name": "23360", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23360"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://coolplayer.cvs.sourceforge.net/coolplayer/Main/stdafx.h?view=log"}, {"name": "20061213 Coolplayer buffer overflow vulnerabilities", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051269.html"}, {"name": "ADV-2006-4806", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4806"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/project/shownotes.php?group_id=31900&release_id=467783"}, {"name": "20071227 Re: TotalPlayer 3.0 .m3u crash", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/485547/100/100/threaded"}, {"name": "4839", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/4839"}, {"name": "20071227 Re: Re: TotalPlayer 3.0 .m3u crash", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/485564/100/100/threaded"}, {"name": "coolplayer-mainskincheck-bo(30861)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30861"}, {"name": "20071227 Re: Re: Re: TotalPlayer 3.0 .m3u crash", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/485578/100/100/threaded"}, {"name": "21396", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21396"}, {"name": "coolplayer-unspecified-bo(30658)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30658"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2006-6288", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple buffer overflows in Niek Albers CoolPlayer 216 and earlier allow remote attackers to execute arbitrary code via (1) a playlist file with long song names, because of an overflow in the CPL_AddPrefixedFile function in CPI_Playlist.c; (2) a skin file with long button names, because of an overflow in the main_skin_check_ini_value function in skin.c; and (3) a skin file with long bitmap filenames, because of an overflow in the main_skin_open function in skin.c."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "coolplayer-mainskinopen-bo(30863)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30863"}, {"name": "23360", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23360"}, {"name": "http://coolplayer.cvs.sourceforge.net/coolplayer/Main/stdafx.h?view=log", "refsource": "CONFIRM", "url": "http://coolplayer.cvs.sourceforge.net/coolplayer/Main/stdafx.h?view=log"}, {"name": "20061213 Coolplayer buffer overflow vulnerabilities", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051269.html"}, {"name": "ADV-2006-4806", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4806"}, {"name": "http://sourceforge.net/project/shownotes.php?group_id=31900&release_id=467783", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?group_id=31900&release_id=467783"}, {"name": "20071227 Re: TotalPlayer 3.0 .m3u crash", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/485547/100/100/threaded"}, {"name": "4839", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/4839"}, {"name": "20071227 Re: Re: TotalPlayer 3.0 .m3u crash", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/485564/100/100/threaded"}, {"name": "coolplayer-mainskincheck-bo(30861)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30861"}, {"name": "20071227 Re: Re: Re: TotalPlayer 3.0 .m3u crash", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/485578/100/100/threaded"}, {"name": "21396", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21396"}, {"name": "coolplayer-unspecified-bo(30658)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30658"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:19:35.198Z"}, "title": "CVE Program Container", "references": [{"name": "coolplayer-mainskinopen-bo(30863)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30863"}, {"name": "23360", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23360"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://coolplayer.cvs.sourceforge.net/coolplayer/Main/stdafx.h?view=log"}, {"name": "20061213 Coolplayer buffer overflow vulnerabilities", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051269.html"}, {"name": "ADV-2006-4806", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4806"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/project/shownotes.php?group_id=31900&release_id=467783"}, {"name": "20071227 Re: TotalPlayer 3.0 .m3u crash", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/485547/100/100/threaded"}, {"name": "4839", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/4839"}, {"name": "20071227 Re: Re: TotalPlayer 3.0 .m3u crash", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/485564/100/100/threaded"}, {"name": "coolplayer-mainskincheck-bo(30861)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30861"}, {"name": "20071227 Re: Re: Re: TotalPlayer 3.0 .m3u crash", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/485578/100/100/threaded"}, {"name": "21396", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/21396"}, {"name": "coolplayer-unspecified-bo(30658)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30658"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6288", "datePublished": "2006-12-04T11:00:00", "dateReserved": "2006-12-04T00:00:00", "dateUpdated": "2024-08-07T20:19:35.198Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:niek_albers:coolplayer:*:*:*:*:*:*:*:*", "matchCriteriaId": "311EE66E-F568-4C01-A95B-8F7210632565", "versionEndIncluding": "216", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in Niek Albers CoolPlayer 216 and earlier allow remote attackers to execute arbitrary code via (1) a playlist file with long song names, because of an overflow in the CPL_AddPrefixedFile function in CPI_Playlist.c; (2) a skin file with long button names, because of an overflow in the main_skin_check_ini_value function in skin.c; and (3) a skin file with long bitmap filenames, because of an overflow in the main_skin_open function in skin.c."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en Niek Albers CoolPlayer 216 y anteriores permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de (1) un fichero playlist con nombres de canciones largos, debido a un desbordamiento en la funci\u00f3n CPL_AddPrefixedFile en CPI_Playlist.c; (2) un archivo skin con un nombres largos de bot\u00f3n, debido a un desbordamiento en la funci\u00f3n main_skin_check_ini_value en skin.c; y (3) un fichero skin con nombres de fichero bitmap largos, debido a un desbordamiento en la funci\u00f3n main_skin_open en skin.c."}], "id": "CVE-2006-6288", "lastModified": "2024-11-21T00:22:21.320", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-12-04T11:28:00.000", "references": [{"source": "[email protected]", "url": "http://coolplayer.cvs.sourceforge.net/coolplayer/Main/stdafx.h?view=log"}, {"source": "[email protected]", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051269.html"}, {"source": "[email protected]", "url": "http://secunia.com/advisories/23360"}, {"source": "[email protected]", "url": "http://sourceforge.net/project/shownotes.php?group_id=31900&release_id=467783"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/archive/1/485547/100/100/threaded"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/archive/1/485564/100/100/threaded"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/archive/1/485578/100/100/threaded"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/bid/21396"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/4806"}, {"source": "[email protected]", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30658"}, {"source": "[email protected]", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30861"}, {"source": "[email protected]", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30863"}, {"source": "[email protected]", "url": "https://www.exploit-db.com/exploits/4839"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://coolplayer.cvs.sourceforge.net/coolplayer/Main/stdafx.h?view=log"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051269.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/23360"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/project/shownotes.php?group_id=31900&release_id=467783"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/485547/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/485564/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/485578/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/21396"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/4806"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30658"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30861"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30863"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/4839"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "[email protected]", "type": "Primary"}]}