CVE-2006-1905
xine 0.99.3 - Remote Code Execution via Format String in Playlist EXTINFO Filename
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-1905. PoCs published by c0ntexb.
AI-analyzed exploit summary This exploit leverages a format-string vulnerability in xine by providing a malicious playlist file. The crafted input contains format specifiers that can crash the application or potentially execute arbitrary code.
Description
Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file.
Exploits (1)
This exploit leverages a format-string vulnerability in xine by providing a malicious playlist file. The crafted input contains format specifiers that can crash the application or potentially execute arbitrary code.