Published: 04/12/2006 Updated: 19/10/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 765

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Stack-based buffer overflow in VUPlayer 2.44 and previous versions allows remote malicious users to execute arbitrary code via a long string in an M3U file, aka an "M3U UNC Name" attack.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vuplayer vuplayer

VUPlayer version 249 M3U playlist file remote buffer overflow exploit Shellcode spawns calcexe ...

## # $Id: vuplayer_m3urb 10998 2010-11-11 22:43:22Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Me ...

/* _______ ________ __ _____ __ ___ __\ _ \ ____ \_____ \ | |__ / | | ____ | | __ \ \/ / /_\ \ / \ _(__ < ______ | | \ / | |__/ ___\| |/ / > <\ \_/ \ | \/ \ /_____/ | Y \/ ^ /\ \___| < /__/\_ \\_____ /___| /______ / ...

require 'msf/core' module Msf class Exploits::Windows::Browser::VUPlayer_M3U < Msf::Exploit::Remote include Exploit::Remote::HttpServer::Html def initialize(info = {}) super(update_info(info, 'Name' => 'VUPlayer <= 244 M3U UNC Name Buffer Overflow', 'Description' => %q{ This module exploits a stack overfl ...

NVD-CWE-Other http://www.securityfocus.com/bid/21363 http://secunia.com/advisories/23182 http://www.kb.cert.org/vuls/id/311192 http://www.vupen.com/english/advisories/2006/4783 https://exchange.xforce.ibmcloud.com/vulnerabilities/30629 https://www.exploit-db.com/exploits/2872 https://www.exploit-db.com/exploits/2870 https://nvd.nist.gov https://packetstormsecurity.com/files/69182/vuplayer_bof.pl.txt.html https://www.exploit-db.com/exploits/16617/https://www.kb.cert.org/vuls/id/311192

CVE-2006-6251

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect