Vulnerability Details CVE-2006-6261
Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.059
EPSS Ranking 90.1%
CVSS Severity
CVSS v2 Score 9.3
References
Products affected by CVE-2006-6261
-
cpe:2.3:a:quinnware:quintessential_player:*
-
cpe:2.3:o:microsoft:windows_2000:-
-
cpe:2.3:o:microsoft:windows_2000:beta3
-
cpe:2.3:o:microsoft:windows_95:-
-
cpe:2.3:o:microsoft:windows_98:-
-
cpe:2.3:o:microsoft:windows_me:-
-
cpe:2.3:o:microsoft:windows_nt:4.0
-
cpe:2.3:o:microsoft:windows_xp:-
-
cpe:2.3:o:microsoft:windows_xp:sp2
-
cpe:2.3:o:microsoft:windows_xp:sp3
-
cpe:2.3:o:microsoft:windows_xp:unknown