CVE-2006-6665

Astonsoft DeepBurner Pro & Free <1.8.0 - RCE

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2006-6665. PoCs published by Metasploit, Expanders, Expanders, fl0 fl0w, jduck, including Metasploit module exploits/windows/fileformat/deepburner_path.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in AstonSoft DeepBurner via a maliciously crafted DBR file. It leverages SEH overwrites to achieve remote code execution when the victim opens the file.

Description

Buffer overflow in Astonsoft DeepBurner Pro and Free 1.8.0 and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name tag in a dbr file.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/16675

View Code ZIP pw:eip

This exploit targets a stack-based buffer overflow in AstonSoft DeepBurner via a maliciously crafted DBR file. It leverages SEH overwrites to achieve remote code execution when the victim opens the file.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: AstonSoft DeepBurner (Pro, Lite) versions 1.9.0.228, 1.8.0, and possibly others

No auth needed

Prerequisites: Victim must open the malicious DBR file

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Expanders · clocalwindows

https://www.exploit-db.com/exploits/2950

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in DeepBurner <= 1.8.0 by crafting a malicious .dbr file with an oversized 'file name' tag. It overwrites the SEH handler to achieve remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: DeepBurner <= 1.8.0

No auth needed

Prerequisites: Victim must open the malicious .dbr file

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC GREAT

by Expanders, fl0 fl0w, jduck · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/deepburner_path.rb

View Code ZIP pw:eip

This Metasploit module exploits a stack-based buffer overflow in AstonSoft DeepBurner via a maliciously crafted DBR file. The exploit leverages SEH overwrite to achieve remote code execution when the victim opens the file.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: AstonSoft DeepBurner (1.9.0.228, 1.8.0, and possibly others)

No auth needed

Prerequisites: Victim must open the malicious DBR file

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/5066

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/2950

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/21657

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/23367

Scores

EPSS 0.2937

EPSS Percentile 97.9%

Details

Status published

Products (1)

astonsoft/deepburner < 1.8.0 (2 CPE variants)

Published Dec 20, 2006

Tracked Since Feb 18, 2026