CVE-2006-6261

Quintessential Player < 4.50.1.82 - Buffer Overflow via Crafted M3U, M3U-8, or PLS File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-6261. PoCs published by Greg Linares.

AI-analyzed exploit summary This exploit demonstrates a memory corruption vulnerability in Quintessential Player <= 4.50.1.82 by generating a malformed PLS playlist file. The PoC causes a denial of service (DoS) by overwriting EIP with semi-random values, though it does not achieve reliable code execution.

Description

Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Greg Linares · cdoswindows
https://www.exploit-db.com/exploits/2860

This exploit demonstrates a memory corruption vulnerability in Quintessential Player <= 4.50.1.82 by generating a malformed PLS playlist file. The PoC causes a denial of service (DoS) by overwriting EIP with semi-random values, though it does not achieve reliable code execution.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Quintessential Player <= 4.50.1.82
No auth needed
Prerequisites: Ability to deliver a malformed PLS playlist file to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/2860
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21331
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30559

Scores

EPSS 0.0555
EPSS Percentile 91.8%

Details

Status published
Products (1)
quinnware/quintessential_player < 4.50.1.82
Published Dec 04, 2006
Tracked Since Feb 18, 2026