CVE-2006-4046 - Vulnerability Details - OpenCVE

Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows, and 0.1.10_rc5 and earlier on Linux/BSD, allow remote attackers to execute arbitrary code via (1) a large .S3M file handled by the mpLoadS3M function, (2) a crafted .IT file handled by the itplayerclass::module::load function, (3) a crafted .ULT file handled by the mpLoadULT function, or (4) a crafted .AMS file handled by the mpLoadAMS function.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Open Cubic Player	Open Cubic Player

Configuration 1 [-]

OR	cpe:2.3:a:open_cubic_player:open_cubic_player::::::::
	cpe:2.3:a:open_cubic_player:open_cubic_player::::::::

No data.

References

Link	Providers
http://aluigi.altervista.org/adv/ocpbof-adv.txt
http://secunia.com/advisories/21267
http://securityreason.com/securityalert/1349
http://securitytracker.com/id?1016611
http://www.securityfocus.com/archive/1/441730/100/100/threaded
http://www.securityfocus.com/bid/19262
http://www.vupen.com/english/advisories/2006/3078
https://exchange.xforce.ibmcloud.com/vulnerabilities/28103
https://exchange.xforce.ibmcloud.com/vulnerabilities/28104
https://exchange.xforce.ibmcloud.com/vulnerabilities/28105
https://exchange.xforce.ibmcloud.com/vulnerabilities/28106
https://www.exploit-db.com/exploits/2094

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-08-09T23:00:00

Updated: 2024-08-07T18:57:44.562Z

Reserved: 2006-08-09T00:00:00

Link: CVE-2006-4046

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-08-09T23:04:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-4046

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-07-31T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows, and 0.1.10_rc5 and earlier on Linux/BSD, allow remote attackers to execute arbitrary code via (1) a large .S3M file handled by the mpLoadS3M function, (2) a crafted .IT file handled by the itplayerclass::module::load function, (3) a crafted .ULT file handled by the mpLoadULT function, or (4) a crafted .AMS file handled by the mpLoadAMS function."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "21267", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21267"}, {"name": "opencubicplayer-itplayerclassmoduleload-bo(28104)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28104"}, {"name": "1349", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/1349"}, {"name": "19262", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/19262"}, {"name": "2094", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/2094"}, {"name": "20060731 Multiple vulnerabilities in Open Cubic Player 2.6.0pre6 / 0.1.10_rc5", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/441730/100/100/threaded"}, {"tags": ["x_refsource_MISC"], "url": "http://aluigi.altervista.org/adv/ocpbof-adv.txt"}, {"name": "ADV-2006-3078", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/3078"}, {"name": "opencubicplayer-mploads3m-bo(28103)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28103"}, {"name": "opencubicplayer-mploadams-bo(28106)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28106"}, {"name": "1016611", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016611"}, {"name": "opencubicplayer-mploadult-bo(28105)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28105"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4046", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows, and 0.1.10_rc5 and earlier on Linux/BSD, allow remote attackers to execute arbitrary code via (1) a large .S3M file handled by the mpLoadS3M function, (2) a crafted .IT file handled by the itplayerclass::module::load function, (3) a crafted .ULT file handled by the mpLoadULT function, or (4) a crafted .AMS file handled by the mpLoadAMS function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "21267", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21267"}, {"name": "opencubicplayer-itplayerclassmoduleload-bo(28104)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28104"}, {"name": "1349", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/1349"}, {"name": "19262", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19262"}, {"name": "2094", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/2094"}, {"name": "20060731 Multiple vulnerabilities in Open Cubic Player 2.6.0pre6 / 0.1.10_rc5", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/441730/100/100/threaded"}, {"name": "http://aluigi.altervista.org/adv/ocpbof-adv.txt", "refsource": "MISC", "url": "http://aluigi.altervista.org/adv/ocpbof-adv.txt"}, {"name": "ADV-2006-3078", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3078"}, {"name": "opencubicplayer-mploads3m-bo(28103)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28103"}, {"name": "opencubicplayer-mploadams-bo(28106)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28106"}, {"name": "1016611", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016611"}, {"name": "opencubicplayer-mploadult-bo(28105)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28105"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:57:44.562Z"}, "title": "CVE Program Container", "references": [{"name": "21267", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21267"}, {"name": "opencubicplayer-itplayerclassmoduleload-bo(28104)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28104"}, {"name": "1349", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/1349"}, {"name": "19262", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/19262"}, {"name": "2094", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/2094"}, {"name": "20060731 Multiple vulnerabilities in Open Cubic Player 2.6.0pre6 / 0.1.10_rc5", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/441730/100/100/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aluigi.altervista.org/adv/ocpbof-adv.txt"}, {"name": "ADV-2006-3078", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/3078"}, {"name": "opencubicplayer-mploads3m-bo(28103)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28103"}, {"name": "opencubicplayer-mploadams-bo(28106)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28106"}, {"name": "1016611", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1016611"}, {"name": "opencubicplayer-mploadult-bo(28105)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28105"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4046", "datePublished": "2006-08-09T23:00:00", "dateReserved": "2006-08-09T00:00:00", "dateUpdated": "2024-08-07T18:57:44.562Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:open_cubic_player:open_cubic_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "10D6EDA7-2CD4-489D-9978-0FD631625AB2", "versionEndIncluding": "0.1.10_rc5", "vulnerable": true}, {"criteria": "cpe:2.3:a:open_cubic_player:open_cubic_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D87721E-D113-45CD-B36D-B871C1982637", "versionEndIncluding": "2.60_pre6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows, and 0.1.10_rc5 and earlier on Linux/BSD, allow remote attackers to execute arbitrary code via (1) a large .S3M file handled by the mpLoadS3M function, (2) a crafted .IT file handled by the itplayerclass::module::load function, (3) a crafted .ULT file handled by the mpLoadULT function, or (4) a crafted .AMS file handled by the mpLoadAMS function."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer basado en pila en Open Cubic Player 2.6.0pre6 y versiones anteriores para Windows y 0.1.10_rc5 y versiones anteriores para Linux/BSD, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante (1) un fichero grande .S3M manejado por la funci\u00f3n mpLoadS3M, (2) un fichero manipulado .IT manejado por la funci\u00f3n itplayerclass::module::load, (3) un fichero manipulado .ULT manejado por la funci\u00f3n mpLoadULT, \u00f3 (4) un fichero manipulado .AMS manejado por la funci\u00f3n mpLoadAMS."}], "id": "CVE-2006-4046", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-08-09T23:04:00.000", "references": [{"source": "cve@mitre.org", "url": "http://aluigi.altervista.org/adv/ocpbof-adv.txt"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21267"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/1349"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1016611"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/441730/100/100/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/19262"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/3078"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28103"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28104"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28105"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28106"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/2094"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://aluigi.altervista.org/adv/ocpbof-adv.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21267"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/1349"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1016611"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/441730/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/19262"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/3078"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28103"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28104"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28105"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28106"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/2094"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}