QwikSec

Security Database

CVE

CWE

Training

CVE-2006-6288

Published: Dec 4, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple buffer overflows in Niek Albers CoolPlayer 216 and earlier allow remote attackers to execute arbitrary code via (1) a playlist file with long song names, because of an overflow in the CPL_AddPrefixedFile function in CPI_Playlist.c; (2) a skin file with long button names, because of an overflow in the main_skin_check_ini_value function in skin.c; and (3) a skin file with long bitmap filenames, because of an overflow in the main_skin_open function in skin.c.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

coolplayer-mainskinopen-bo(30863)

vdb-entry

x_refsource_XF

third-party-advisory

x_refsource_SECUNIA

http://coolplayer.cvs.sourceforge.net/coolplayer/Main/stdafx.h?view=log

x_refsource_CONFIRM

20061213 Coolplayer buffer overflow vulnerabilities

mailing-list

x_refsource_FULLDISC

vdb-entry

x_refsource_VUPEN

http://sourceforge.net/project/shownotes.php?group_id=31900&release_id=467783

x_refsource_CONFIRM

20071227 Re: TotalPlayer 3.0 .m3u crash

mailing-list

x_refsource_BUGTRAQ

exploit

x_refsource_EXPLOIT-DB

20071227 Re: Re: TotalPlayer 3.0 .m3u crash

mailing-list

x_refsource_BUGTRAQ

coolplayer-mainskincheck-bo(30861)

vdb-entry

x_refsource_XF

20071227 Re: Re: Re: TotalPlayer 3.0 .m3u crash

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_BID

coolplayer-unspecified-bo(30658)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.