← back
CVE-2006-6251

CVE-2006-6251

EPSS 67.3%
Vexday Risk Score
50Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 67.3%KEV nãoPoC públicaNuclei Metasploit simPatch
Lifecycle
04 Dec 2006Published on NVD
18 Aug 2009Metasploit module available
11 Nov 2010Public PoC
Weaponization speed
1438 daysto first PoC
988 daysto Metasploit module
Recommendation: Plan a near-term fix — a public PoC already exists.
Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote attackers to execute arbitrary code via a long string in an M3U file, aka an "M3U UNC Name" attack.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.