Published: 17/04/2009 Updated: 29/09/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 965

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 allows remote malicious users to execute arbitrary code via a long URI in a playlist (.m3u) file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mini-stream rm-mp3 converter 3.0.0.7

Mini-Stream RM-MP3 Converter version 312120100330 buffer overflow exploit with ASLR and DEP bypass ...

#!/usr/bin/perl # Mini-stream RM-MP3 Converter Version 3007 m3u Universal Stack Overflow Exploit # Disoverd By Cyber-Zone # Exploited By Stack my $Header = "#EXTM3U\n"; my $shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49" "\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36" "\x48\x48\x30\x42\x33\x3 ...

# Exploit Title: Mini-stream RM-MP3 Converter 312120100330 local buffer overflow (\w ASLR and DEP bypass) # Date: 26 July 2012 # Exploit Author: Gianni Gnesa # Vendor Homepage: mini-streamnet/ # Software Link: mini-streamnet/rm-to-mp3-converter/download # Version: 312120100330 # Tested on: Windows 7 SP1 (VMware) # Refere ...

#!/usr/bin/perl # # # ************************************************************************ # * ASX to MP3 Converter (M3U File) Local Stack Overflow POC * # ************************************************************************ # # Found By : Cyber-Zone (ABDELKHALEK) # E-mail : Paradis_des_fous@hotmailfr # Home : WwWIQ-TYC ...

#!/usr/bin/perl # # # ************************************************************* # * WM Downloader (M3U File) Local Stack Overflow POC * # ************************************************************* # # Found By : Cyber-Zone (ABDELKHALEK) # E-mail : Paradis_des_fous@hotmailfr # Home : WwWIQ-TYCoM ; WwWNo-ExploitCoM # Greetz ...

#!/usr/bin/perl # # # ********************************************************* # * RM Downloader (M3U File) Local Stack Overflow POC * # ********************************************************* # # Found By : Cyber-Zone (ABDELKHALEK) # E-mail : Paradis_des_fous@hotmailfr # Home : WwWIQ-TYCoM ; WwWNo-ExploitCoM # Greetz : Hussin X ...

#!/usr/bin/perl # # # ************************************************************************ # * Mini-stream RM-MP3 Converter (M3U File) Local Stack Overflow POC * # ************************************************************************ # # Found By : Cyber-Zone (ABDELKHALEK) # E-mail : Paradis_des_fous@hotmailfr # Home : WwWIQ-TYC ...

#!/usr/bin/perl # # # ************************************************************* # * Mini-stream Ripper (M3U File) Local Stack Overflow POC * # ************************************************************* # # Found By : Cyber-Zone (ABDELKHALEK) # E-mail : Paradis_des_fous@hotmailfr # Home : WwWIQ-TYCoM ; WwWNo-ExploitCoM # Greetz ...

Use after free exploit - CVE-2009-1328 - Mini-StreamRM-MP3 Converter 3121 Pour créer l'exploit, il suffit de lancer le script python "exploit_alphapy" Un fichier m3u est généré dans le même répertoire Lancer l'application Mini-Stream RM-MP3 Converter: Ouvrir le fichier m3u OU Glisser-déposer le

CWE-119 http://www.securityfocus.com/bid/34494 http://secunia.com/advisories/34653 https://exchange.xforce.ibmcloud.com/vulnerabilities/49841 https://www.exploit-db.com/exploits/8413 https://www.exploit-db.com/exploits/8405 https://nvd.nist.gov https://github.com/Aagilulfe/ROP-chain-project https://packetstormsecurity.com/files/115098/Mini-Stream-RM-MP3-Converter-3.1.2.1.2010.03.30-Buffer-Overflow.html https://www.exploit-db.com/exploits/8413/

CVE-2009-1328

Vulnerability Summary

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect