CVE-2006-2465

mp3info 0.8.4 - Buffer Overflow via Long Command Line Argument

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2006-2465. PoCs published by Ayman Sagy, jsacco.

AI-analyzed exploit summary This exploit leverages a structured exception handler (SEH) overflow in MP3Info 0.8.5 to achieve remote code execution by overwriting the SEH record and redirecting execution to a shellcode payload. The exploit uses a combination of trampolines and short jumps to bypass memory constraints and execute a calc payload.

Description

Buffer overflow in MP3Info 0.8.4 allows attackers to execute arbitrary code via a long command line argument. NOTE: if mp3info is not installed setuid or setgid in any reasonable context, then this issue might not be a vulnerability.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Ayman Sagy · perllocalwindows
https://www.exploit-db.com/exploits/32358

This exploit leverages a structured exception handler (SEH) overflow in MP3Info 0.8.5 to achieve remote code execution by overwriting the SEH record and redirecting execution to a shellcode payload. The exploit uses a combination of trampolines and short jumps to bypass memory constraints and execute a calc payload.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: MP3Info 0.8.5
No auth needed
Prerequisites: MP3Info 0.8.5 installed on Windows · Perl environment to run the exploit
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by jsacco · pythondoslinux
https://www.exploit-db.com/exploits/31220

This exploit targets a stack-based buffer overflow in mp3info, using a NOP sled and shellcode to execute '/bin/sh'. The payload is constructed with junk data, shellcode, and a controlled EIP overwrite.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: mp3info (latest version as of 2006)
No auth needed
Prerequisites: mp3info installed on the target system · ability to execute the exploit locally
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/show/osvdb/30945
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/32358
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/18016
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1016108

Scores

EPSS 0.2566
EPSS Percentile 96.4%

Details

Status published
Products (1)
mp3info/mp3info 0.8.4
Published May 19, 2006
Tracked Since Feb 18, 2026