CVE-2006-6288

CVE-2006-6288 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Multiple buffer overflows in Niek Albers CoolPlayer 216 and earlier allow remote attackers to execute arbitrary code via (1) a playlist file with long song names, because of an overflow in the CPL_AddPrefixedFile function in CPI_Playlist.c; (2) a skin file with long button names, because of an overflow in the main_skin_check_ini_value function in skin.c; and (3) a skin file with long bitmap filenames, because of an overflow in the main_skin_open function in skin.c.

Learn more about our Web Application Penetration Testing UK.