Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-7222: Improper Restriction of Operations within the Bounds of a Memory Buffer in Media Player Classic

Severity
6.8 MEDIUM (NVD)
EPSS
5.3%
top 9.96%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Timeline
Published: Aug 28
Latest update: May 1

Description

Buffer overflow in the CFLICStream::_deltachunk function in FLICSource.cpp in Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote attackers to execute arbitrary code via a crafted FLI file.

CVSS vector

AV:N/AC:M/C:P/I:P/A:P
Exploitability: 8.6 | Impact: 6.4

Affected Packages: 1 package

🔴 Vulnerability Details (2)

GHSA
GHSA-5q98-285h-hg3j: Buffer overflow in the CFLICStream::_deltachunk function in FLICSource (2022-05-01)
CVEList
CVE-2006-7222: Buffer overflow in the CFLICStream::_deltachunk function in FLICSource (2007-08-28)

💥 Exploits & PoCs (1)

Exploit-DB
Media Player Classic 6.4.9 - FLI File Remote Buffer Overflow (2007-08-24)