Published: 04/06/2007 Updated: 11/10/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 690

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Buffer overflow in Acoustica MP3 CD Burner 4.32 allows user-assisted remote malicious users to execute arbitrary code via a .asx playlist file with a REF element containing a long string in the HREF attribute. NOTE: it was later claimed that 4.51 Build 147 is also affected.

Vulnerable Product	Search on Vulmon	Subscribe to Product
acoustica acoustica mp3 cd burner 4.32

/* Credit's to n00b for finding this bug and poc Acoustica MP3 CD Burner 432 local buffer-overflow poc code Date : May 31'st 2007 Tested:On win xp sp 2 Acoustica Is prone to a buffer-overflow when parasing a asx playlist file If you can entice some one to open a specialy crafted asx play list file it is possible to run shell-codeTh ...

#!/usr/bin/perl # # Acoustica MP3 CD Burner (asx file) Local BOF Exploit # Author: Koshi # # Date: 08-29-08 ( 0day ) # Application: Acoustica MP3 CD Burner # Version: 451 Build 147 ( possibly older ) # Site: acousticacom/downloadhtm # Tested On: Windows XP SP3 Fully Patched # # Based off of n00b's findings wwwmilw0rmcom/exploits/ ...

NVD-CWE-Other http://www.securityfocus.com/bid/24247 http://secunia.com/advisories/31666 http://osvdb.org/43455 https://exchange.xforce.ibmcloud.com/vulnerabilities/34647 https://www.exploit-db.com/exploits/6329 https://www.exploit-db.com/exploits/4017 https://nvd.nist.gov https://www.exploit-db.com/exploits/4017/

CVE-2007-3006

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect