Unrated severityNVD Advisory· Published Jul 13, 2006· Updated Apr 16, 2026

CVE-2006-3582

Description

Multiple heap-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via the size specified in the package header of (1) CFF, (2) MTK, (3) DMO, and (4) U6M files.

Affected products

Audacious Media Player Team/Adplug
cpe:2.3:a:audacious_media_player_team:adplug:*:*:*:*:*:*:*:*
Range: <=2.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/20972nvdPatchVendor Advisory
aluigi.altervista.org/adv/adplugbof-adv.txtnvdExploitVendor Advisory
www.securityfocus.com/bid/18859nvdExploit
secunia.com/advisories/21238nvdVendor Advisory
secunia.com/advisories/21869nvdVendor Advisory
www.vupen.com/english/advisories/2006/2697nvdVendor Advisory
adplug.cvs.sourceforge.net/adplug/adplug/src/cff.cppnvd
secunia.com/advisories/21295nvd
security.gentoo.org/glsa/glsa-200607-13.xmlnvd
security.gentoo.org/glsa/glsa-200609-06.xmlnvd
www.osvdb.org/27042nvd
www.osvdb.org/27043nvd
www.osvdb.org/27044nvd
www.osvdb.org/27047nvd
www.securityfocus.com/archive/1/439432/100/100/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/27670nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27677nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000