RSS   Vulnerabilities for 'Coolplayer'   RSS

2006-12-04
 
CVE-2006-6288

CWE-119
 

 
Multiple buffer overflows in Niek Albers CoolPlayer 216 and earlier allow remote attackers to execute arbitrary code via (1) a playlist file with long song names, because of an overflow in the CPL_AddPrefixedFile function in CPI_Playlist.c; (2) a skin file with long button names, because of an overflow in the main_skin_check_ini_value function in skin.c; and (3) a skin file with long bitmap filenames, because of an overflow in the main_skin_open function in skin.c.

 


Copyright 2024, cxsecurity.com

 

Back to Top