CVE-2006-0006

CVE Database · CVE-2006-0006

CVE-2006-0006

· N/AModified

CVSS v3.1

N/A

EPSS

49.56%

Published

Feb 14, 2006

Modified

Apr 15, 2026

Public PoC / Exploit (3)

All weaponized →

Exploit-DBMicrosoft Windows Media Player 7.1 < 10 - '.BMP' Heap Overflow (PoC) (MS06-005) (1)Exploit-DBMicrosoft Windows Media Player 7.1 < 10 - '.BMP' Heap Overflow (MS06-005) (2)TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.

Weaknesses (CWE)

CWE-119

Affected Products (11)

microsoft · windows_media_playervulnerable

microsoft · windows_2000vulnerable

microsoft · windows_2003_servervulnerable

microsoft · windows_98vulnerable

microsoft · windows_98sevulnerable

microsoft · windows_mevulnerable

microsoft · windows_xpvulnerable

References (20)

http://secunia.com/advisories/18835