CVE-2006-3581
published 2006-07-13CVE-2006-3581: Multiple stack-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via large (1) DTM and…
PriorityP337medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
12.77%
95.8th percentile
Multiple stack-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via large (1) DTM and (2) S3M files.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adplug_project | adplug | >= 0 < 2.0.1-1 | 2.0.1-1 |
| adplug_project | adplug | >= 0 < 2.0.1-1 | 2.0.1-1 |
| adplug_project | adplug | >= 0 < 2.0.1-1 | 2.0.1-1 |
| adplug_project | adplug | >= 0 < 2.0.1-1 | 2.0.1-1 |
| audacious_media_player_team | adplug | <= 2.0 | — |
| debian | adplug | < adplug 2.0.1-1 (bookworm) | adplug 2.0.1-1 (bookworm) |
CVSS provenance
nvdv2.05.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
osv5.1MEDIUM
vendor_debian5.1MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2006-3581: adplug - Multiple stack-based buffer overflows in Audacious AdPlug 2.0 and earlier allow ...
vendor_debian·2006·CVSS 5.1
CVE-2006-3581 [MEDIUM] CVE-2006-3581: adplug - Multiple stack-based buffer overflows in Audacious AdPlug 2.0 and earlier allow ...
Multiple stack-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via large (1) DTM and (2) S3M files.
Scope: local
bookworm: resolved (fixed in 2.0.1-1)
bullseye: resolved (fixed in 2.0.1-1)
forky: resolved (fixed in 2.0.1-1)
sid: resolved (fixed in 2.0.1-1)
trixie: resolved (fixed in 2.0.1-1)
GHSA
GHSA-8x5m-9j9c-r7hr: Multiple stack-based buffer overflows in Audacious AdPlug 2
ghsa_unreviewed·2022-05-01
CVE-2006-3581 [MEDIUM] CWE-119 GHSA-8x5m-9j9c-r7hr: Multiple stack-based buffer overflows in Audacious AdPlug 2
Multiple stack-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via large (1) DTM and (2) S3M files.
OSV
CVE-2006-3581: Multiple stack-based buffer overflows in Audacious AdPlug 2
osv·2006-07-13·CVSS 5.1
CVE-2006-3581 [MEDIUM] CVE-2006-3581: Multiple stack-based buffer overflows in Audacious AdPlug 2
Multiple stack-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via large (1) DTM and (2) S3M files.
No detection rules found.
Bugzilla
CVE-2006-3581, CVE-2006-3582: Multiple stack/heap overflow vulnerabilities in adplug
bugzilla·2006-07-09·CVSS 5.1
CVE-2006-3581 [MEDIUM] CVE-2006-3581, CVE-2006-3582: Multiple stack/heap overflow vulnerabilities in adplug
CVE-2006-3581, CVE-2006-3582: Multiple stack/heap overflow vulnerabilities in adplug
Adplug Yeah, sorry I know, in this case I happened to maintain all affected packages
Yes, but only in FE. 3rd party repositories and local packages which use the
libs are affected too.
> However, a first timer the question arise: how do I properly retire an .so
> file with security vulnerabilities? (Cannot find a good idea in any
> guidelines.)
If doable and feasible, backporting only the security fixes and avoiding the
soname change would be one way of handling it smoothly.
An incompatible upgrade policy and instructions are slowly in the works, but so
far there is no consensus except that the very least one should do is to send a
mail to fedora-maintainers, notifying about the issue, beforehand if a
arXiv
LLM-Assisted Proactive Threat Intelligence for Automated Reasoning
arxiv_fulltext·2025-04-01
LLM-Assisted Proactive Threat Intelligence for Automated Reasoning
LLM-Assisted Proactive Threat Intelligence for Automated Reasoning
Shuva Paul, Member, IEEE,
Farhad Alemi, Student Member, IEEE,
and Richard Macwan, Member, IEEE
Farhad Alemi is a graduate researcher at Arizona State University.
Shuva Paul and Richard Macwan are researchers at the National Renewable Energy Laboratory, Golden, CO
Journal of \ Class Files, Vol. 14, No. 8, August 2015
Shell et al.: Bare Demo of IEEEtran.cls for IEEE Journals
## Abstract
Successful defense against dynamically evolving cyber threats requires advanced and sophisticated techniques. This research presents a novel approach to enhance real-time cybersecurity threat detection and response by integrating large language models (LLMs) and Retrieval-Augmented Generation (RAG) systems with continuous threat intelligen
http://adplug.cvs.sourceforge.net/adplug/adplug/src/dtm.cpp?view=log#rev1.17http://aluigi.altervista.org/adv/adplugbof-adv.txthttp://secunia.com/advisories/20972http://secunia.com/advisories/21238http://secunia.com/advisories/21295http://secunia.com/advisories/21869http://security.gentoo.org/glsa/glsa-200607-13.xmlhttp://security.gentoo.org/glsa/glsa-200609-06.xmlhttp://www.osvdb.org/27045http://www.osvdb.org/27046http://www.securityfocus.com/archive/1/439432/100/100/threadedhttp://www.securityfocus.com/bid/18859http://www.vupen.com/english/advisories/2006/2697https://exchange.xforce.ibmcloud.com/vulnerabilities/27673https://exchange.xforce.ibmcloud.com/vulnerabilities/27674http://adplug.cvs.sourceforge.net/adplug/adplug/src/dtm.cpp?view=log#rev1.17http://aluigi.altervista.org/adv/adplugbof-adv.txthttp://secunia.com/advisories/20972http://secunia.com/advisories/21238http://secunia.com/advisories/21295http://secunia.com/advisories/21869http://security.gentoo.org/glsa/glsa-200607-13.xmlhttp://security.gentoo.org/glsa/glsa-200609-06.xmlhttp://www.osvdb.org/27045http://www.osvdb.org/27046http://www.securityfocus.com/archive/1/439432/100/100/threadedhttp://www.securityfocus.com/bid/18859http://www.vupen.com/english/advisories/2006/2697https://exchange.xforce.ibmcloud.com/vulnerabilities/27673https://exchange.xforce.ibmcloud.com/vulnerabilities/27674
2006-07-13
Published