Published: 09/08/2006 Updated: 17/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and previous versions for Windows, and 0.1.10_rc5 and previous versions on Linux/BSD, allow remote malicious users to execute arbitrary code via (1) a large .S3M file handled by the mpLoadS3M function, (2) a crafted .IT file handled by the itplayerclass::module::load function, (3) a crafted .ULT file handled by the mpLoadULT function, or (4) a crafted .AMS file handled by the mpLoadAMS function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
open cubic player open cubic player

/* by Luigi Auriemma */ #include <stdioh> #include <stdlibh> #include <stringh> #include <stdinth> #define VER "01" #define POCNAME "proof-of-concept" void fwbof(FILE *fd, int len, int chr); void fwi08(FILE *fd, int num); void fwi16(FILE *fd, int num); void fwi32(FILE *fd, int num); void fwstx(FILE ...

NVD-CWE-Other http://aluigi.altervista.org/adv/ocpbof-adv.txt http://www.securityfocus.com/bid/19262 http://securitytracker.com/id?1016611 http://secunia.com/advisories/21267 http://securityreason.com/securityalert/1349 http://www.vupen.com/english/advisories/2006/3078 https://exchange.xforce.ibmcloud.com/vulnerabilities/28106 https://exchange.xforce.ibmcloud.com/vulnerabilities/28105 https://exchange.xforce.ibmcloud.com/vulnerabilities/28104 https://exchange.xforce.ibmcloud.com/vulnerabilities/28103 https://www.exploit-db.com/exploits/2094 http://www.securityfocus.com/archive/1/441730/100/100/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/2094/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-4046

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect