9.3 - CVE-2006-0006

Executive Summary

Informations
Name	CVE-2006-0006	First vendor Publication	2006-02-14
Vendor	Cve	Last vendor Modification	2018-10-19

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0006

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:1256

Oval ID:	oval:org.mitre.oval:def:1256
Title:	Windows Media Player 8 Bitmap Remote Code Execution
Description:	Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2006-0006	Version:	4
Platform(s):	Microsoft Windows XP	Product(s):	Windows Media Player
Definition Synopsis:
Windows Media Player 8 is installed AND the version of Wmpui.dll is less than 8.0.0.4495

Definition Id: oval:org.mitre.oval:def:1578

Oval ID:	oval:org.mitre.oval:def:1578
Title:	Windows Media Player 7.10 Bitmap Remote Code Execution
Description:	Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2006-0006	Version:	6
Platform(s):	Microsoft Windows 2000	Product(s):	Windows Media Player
Definition Synopsis:
Windows Media Player 7.1 is installed AND the version of Wmpui.dll is less than 7.10.0.3077

Definition Id: oval:org.mitre.oval:def:1598

Oval ID:	oval:org.mitre.oval:def:1598
Title:	Windows Media Player 10 Bitmap Remote Code Execution
Description:	Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2006-0006	Version:	5
Platform(s):	Microsoft Windows XP	Product(s):	Windows Media Player
Definition Synopsis:
Windows XP is installed AND Windows Media Player 10 is installed AND the version of Wmp.dll is less than 10.0.0.4019

Definition Id: oval:org.mitre.oval:def:1661

Oval ID:	oval:org.mitre.oval:def:1661
Title:	Windows Media Player 9 Bitmap Remote Code Execution
Description:	Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2006-0006	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003	Product(s):	Windows Media Player
Definition Synopsis:
Windows Media Player 9 is installed AND the version of Wmp.dll is less than 9.0.0.3344

CPE : Common Platform Enumeration

Type	Description	Count
Application	Microsoft Windows Media Player cpe:2.3:a:microsoft:windows_media_player:10:::::::* cpe:2.3:a:microsoft:windows_media_player:9:::::::* cpe:2.3:a:microsoft:windows_media_player:7.1:::::::*	3
Os	Microsoft Windows 2000 cpe:2.3:o:microsoft:windows_2000::sp1::::::* cpe:2.3:o:microsoft:windows_2000::sp4::fr::::	2
Os	Microsoft Windows 2003 Server cpe:2.3:o:microsoft:windows_2003_server:r2:::::::*	1
Os	Microsoft Windows 98 cpe:2.3:o:microsoft:windows_98::gold::::::*	1
Os	Microsoft Windows 98Se cpe:2.3:o:microsoft:windows_98se::::::::	1
Os	Microsoft Windows Me cpe:2.3:o:microsoft:windows_me::::::::	1
Os	Microsoft Windows Xp cpe:2.3:o:microsoft:windows_xp::sp2:tablet_pc::::: cpe:2.3:o:microsoft:windows_xp::sp1:tablet_pc:::::	2

ExploitDB Exploits

id	Description
2006-02-16	Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)
2006-02-15	Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005)

Open Source Vulnerability Database (OSVDB)

Id	Description
23131	Microsoft Windows Media Player Bitmap File Processing Overflow

Snort® IPS/IDS

Date	Description
2014-01-10	Microsoft Windows Media Player invalid data offset bitmap heap overflow attempt RuleID : 5712 - Revision : 17 - Type : FILE-IMAGE
2014-01-10	Microsoft Windows Media Player zero length bitmap heap overflow attempt RuleID : 5711 - Revision : 13 - Type : FILE-IMAGE

Nessus® Vulnerability Scanner

Date	Description
2006-02-14	Name : Arbitrary code can be executed on the remote host through the Media Player. File : smb_nt_ms06-005.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/16633
BUGTRAQ	http://www.securityfocus.com/archive/1/424983/100/0/threaded http://www.securityfocus.com/archive/1/425158/100/0/threaded
CERT	http://www.us-cert.gov/cas/techalerts/TA06-045A.html
CERT-VN	http://www.kb.cert.org/vuls/id/291396
MISC	http://www.eeye.com/html/research/advisories/AD20060214.html
MS	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06...
OVAL	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova... https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova... https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova... https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
SECTRACK	http://securitytracker.com/id?1015627
SECUNIA	http://secunia.com/advisories/18835
SREASON	http://securityreason.com/securityalert/423
VUPEN	http://www.vupen.com/english/advisories/2006/0574
XF	https://exchange.xforce.ibmcloud.com/vulnerabilities/24488

Alert History

If you want to see full details history, please login or register.

Date	Informations
2021-05-04 12:03:35	Multiple Updates
2021-04-22 01:04:03	Multiple Updates
2020-05-23 00:17:16	Multiple Updates
2018-10-19 21:19:43	Multiple Updates
2018-10-13 00:22:32	Multiple Updates
2017-10-11 09:23:36	Multiple Updates
2017-07-11 12:02:08	Multiple Updates
2016-04-26 14:10:40	Multiple Updates
2014-02-17 10:34:11	Multiple Updates
2014-01-19 21:23:02	Multiple Updates
2013-05-11 10:46:00	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	4
CPE ID(s)	11
Sources(s)	16
osvdb(s)	1
ExploitDB Exploit(s)	2
Snort® Rule(s)	2
Nessus® Exploit(s)	1

	Related
9.3	MS06-005
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

9.3 - CVE-2006-0006

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

ExploitDB Exploits

Open Source Vulnerability Database (OSVDB)

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU