Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2006-6199

Published: 01/12/2006 Updated: 19/10/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 795
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Blazevideo

Vulnerability Summary

Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote malicious users to execute arbitrary code via a long filename in a PLF playlist.

Vulnerable Product Search on Vulmon Subscribe to Product

blazevideo blaze dvd 5.0

Exploits

Exploit DB: BlazeVideo HDTV Player 2.1 - '.PLF' Local Buffer Overflow
/* ======================================================================== 0-day BlazeVideo HDTV Player <= v21 Malformed PLF Buffer Overflow PoC ======================================================================== BlazeVideo HDTV v21 and prior fails to properly handle large file paths inside PLF files, the result is a stack based buffer o ...
Exploit DB: BlazeDVD 5.1 - PLF Buffer Overflow (Metasploit)
## # $Id: blazedvd_plfrb 10998 2010-11-11 22:43:22Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Me ...
Exploit DB: BlazeDVD 5.1 (Windows 7) - '.plf' File Stack Buffer Overflow (ASLR + DEP Bypass)
#!/usr/bin/python # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # BlazeDVD v51 (plf) Stack Buffer Overflow PoC exploit - ALSR/DEP bypass on win7 # Author: mr_me - net-ninjanet - mr_me[AT]corelanbe - @StevenSeeley # Download: wwwblazevideocom/ # Tested on windows 7 version N - DEP = AlwaysOn # Greetz: C ...
Exploit DB: BlazeDVD 5.1/HDTV Player 6.0 - '.plf' Universal Buffer Overflow (SEH)
#!/usr/bin/perl # by ThE g0bL!N #THNX: His0k4 Wahdo :) #BlazeDVD 51 Professional/Blaze HDTV Player 60 /(PLF File) Universal Buffer Overflow Exploit (SEH) ################################################################## my $bof="x41" x 608; my $nsh="xEBx06x90x90"; my $seh="x71xFBx32x60" ;# Universal Address my $nop="x90" x 20; my $sec= "xebx03x ...
Exploit DB: BlazeDVD 6.2 - '.plf' Local Buffer Overflow (SEH)
#!/usr/bin/perl ######################################################################################### # Exploit Title: BlazeDVD 62 plf Buffer Overflow (SEH) # Date: 10-28-2013 # Exploit Author: Mike Czumak (T_v3rn1x) -- @SecuritySift # Vulnerable Software: BlazeDVD 62 # Software Link: # Version: 6200 # Tested On: Windows XP SP3 # To exp ...
Exploit DB: BlazeDVD 5.0 - '.PLF' Playlist File Remote Buffer Overflow
#!/usr/bin/perl # # Title: BlazeDVD 50 PLF Playlist File Remote Buffer Overflow Exploit (PoC) # # Summary: BlazeDVD is leading powerful and easy-to-use DVD player software # It can provide superior video and audio(Dolby) quality, together with other # enhanced features:eg recording DVD,playback image and DV,bookmark and image # captureetcFurt ...
Exploit DB: BlazeDVD Pro Player 6.1 - Direct RET Local Stack Buffer Overflow
#!/usr/bin/perl # BlazeDVD Pro player 61 Local stack based buffer overflow # Author: PuN1sh3r # Email: luiguibiker@gmailcom # Date: Mon Jul 15 03:01:37 EDT 2013 # Vendor link: wwwblazevideocom/downloadhtmm # Software Link: wwwblazevideocom/downloadphp?product=BlazeDVDPro # App Version: 61 # Tested on: Windows 2003 server sp ...
Exploit DB: BlazeDVD 6.1 - '.PLF' File (ASLR + DEP Bypass) (Metasploit)
## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking inc ...
Exploit DB: BlazeDVD 5.1 Professional - '.plf' Local Buffer Overflow (SEH)
#!/usr/bin/perl # by hack4love # hack4love@hotmailcom # BlazeDVD 51 Professional (PLF File) Local Buffer Overflow Exploit (SEH) # ## easy ## ###Thanks for SkuLL-HacKeR ####and all WwWSec-ArTCoM/cc team ##AND special THANKS FOR EL7ADRANY ##AND 3ASFH TEAM## ## this work sooooooooo good ## Tested on: Windows XP Pro SP2 (EN) ###################### ...

Github Repositories

https://github.com/YasiruJAY/Buffer-Overflow-Walkthrough

A buffer overflow exploitation on a real life software

Buffer-Overflow-Walkthrough A buffer overflow exploitation on a real life software This document is an in-detail writeup of how to exploit a buffer overflow vulnerability in BlazeDVD player, and execute a payload that allows an attacker to gain access to the victim's root shell Note: This is NOT a zero-day vulnerability An exploit for this vulnerability (CVE-2006-6199)

References

CWE-119http://www.securityfocus.com/bid/21337http://secunia.com/advisories/23041http://whitestar.linuxbox.org/pipermail/exploits/2006-December/000065.htmlhttp://www.osvdb.org/30770http://www.vupen.com/english/advisories/2006/4764http://www.exploit-db.com/exploits/26889http://www.exploit-db.com/exploits/23783https://exchange.xforce.ibmcloud.com/vulnerabilities/30567https://www.exploit-db.com/exploits/2880https://nvd.nist.govhttps://github.com/YasiruJAY/Buffer-Overflow-Walkthroughhttps://www.exploit-db.com/exploits/2880/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook