Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2006-0006

Published: 14/02/2006 Updated: 19/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 940
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Windows Media Player

Vulnerability Summary

Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote malicious users to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows media player 10

microsoft windows media player 7.1

microsoft windows media player 9

microsoft windows 98

microsoft windows 98se

microsoft windows 2000

microsoft windows 2003 server r2

microsoft windows me

microsoft windows xp

Exploits

Exploit DB: Microsoft Windows Media Player 7.1 < 10 - '.BMP' Heap Overflow (MS06-005) (2)
# sploit creater by redsand@blacksecurityorg # ms06-005 advisory proof of concept # heap overflow in wmfdll @ 0x0035920a # denial of service, cuz we can't get this to play nice #shamelessly stolen from CANVAS code def intel_order(i): str="" a=chr(i % 256) i=i &gt;&gt; 8 b=chr(i % 256) i=i &gt;&gt; 8 c=chr(i % 256) ...
Exploit DB: Microsoft Windows Media Player 7.1 < 10 - '.BMP' Heap Overflow (PoC) (MS06-005) (1)
/* * For Remote Exploration (hint): * wwwspyinstructorscom/atmaca/research/wmp_remote_pocasx */ /* * * Windows Media Player BMP Heap Overflow (MS06-005) * Bug discovered by eEye - wwweeyecom/html/research/advisories/AD20060214html * Exploit coded by ATmaCA * Web: wwwspyinstructorscom &amp;&amp; wwwatmacasoftc ...

References

CWE-119http://www.us-cert.gov/cas/techalerts/TA06-045A.htmlhttp://www.kb.cert.org/vuls/id/291396http://www.eeye.com/html/research/advisories/AD20060214.htmlhttp://www.securityfocus.com/bid/16633http://securitytracker.com/id?1015627http://secunia.com/advisories/18835http://securityreason.com/securityalert/423http://www.vupen.com/english/advisories/2006/0574https://exchange.xforce.ibmcloud.com/vulnerabilities/24488https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1661https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1598https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1578https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1256https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-005http://www.securityfocus.com/archive/1/425158/100/0/threadedhttp://www.securityfocus.com/archive/1/424983/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/1502/https://www.kb.cert.org/vuls/id/291396
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook