// For flags

CVE-2006-6261

Quintessential Player 4.50.1.82 - Playlist Denial of Service (PoC)

Severity Score

9.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields.

Desbordamiento de búfer en Quintessential Player 4.50.1.82 y anteriores permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante un fichero (1) M3u o (2) M3u-8 manipulado; o mediante un (3) fichero PLS artesanal con un valor grande en los campos (a) NumberofEntries, (b) Length (también conocido como Length1), (c) Filename (aka File1), (d) Title (también conocido como Title1), u otros campos no especificados.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-12-03 CVE Reserved
  • 2006-12-04 CVE Published
  • 2024-08-07 CVE Updated
  • 2024-08-07 First Exploit
  • 2024-08-09 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Quinnware
Search vendor "Quinnware"
Quintessential Player
Search vendor "Quinnware" for product "Quintessential Player"
<= 4.50.1.82
Search vendor "Quinnware" for product "Quintessential Player" and version " <= 4.50.1.82"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows 2000
Search vendor "Microsoft" for product "Windows 2000"
*-
Safe
Quinnware
Search vendor "Quinnware"
Quintessential Player
Search vendor "Quinnware" for product "Quintessential Player"
<= 4.50.1.82
Search vendor "Quinnware" for product "Quintessential Player" and version " <= 4.50.1.82"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows 95
Search vendor "Microsoft" for product "Windows 95"
*-
Safe
Quinnware
Search vendor "Quinnware"
Quintessential Player
Search vendor "Quinnware" for product "Quintessential Player"
<= 4.50.1.82
Search vendor "Quinnware" for product "Quintessential Player" and version " <= 4.50.1.82"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows 98
Search vendor "Microsoft" for product "Windows 98"
*gold
Safe
Quinnware
Search vendor "Quinnware"
Quintessential Player
Search vendor "Quinnware" for product "Quintessential Player"
<= 4.50.1.82
Search vendor "Quinnware" for product "Quintessential Player" and version " <= 4.50.1.82"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows Me
Search vendor "Microsoft" for product "Windows Me"
*-
Safe
Quinnware
Search vendor "Quinnware"
Quintessential Player
Search vendor "Quinnware" for product "Quintessential Player"
<= 4.50.1.82
Search vendor "Quinnware" for product "Quintessential Player" and version " <= 4.50.1.82"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows Nt
Search vendor "Microsoft" for product "Windows Nt"
4.0
Search vendor "Microsoft" for product "Windows Nt" and version "4.0"
-
Safe
Quinnware
Search vendor "Quinnware"
Quintessential Player
Search vendor "Quinnware" for product "Quintessential Player"
<= 4.50.1.82
Search vendor "Quinnware" for product "Quintessential Player" and version " <= 4.50.1.82"
-
Affected
in Microsoft
Search vendor "Microsoft"
Windows Xp
Search vendor "Microsoft" for product "Windows Xp"
*-
Safe