Published: 11/09/2009 Updated: 19/09/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 945

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in AIMP2 Audio Converter 2.53 (build 330) and previous versions allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a (1) .pls or (2) .m3u playlist file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
aimp aimp2 audio converter

#!/usr/bin/python # # ###################################################################### # # AIMP2 Audio Converter <= 253 (build 330) (pls/m3u) Unicode local crash PoC # Found & exploited by: mr_me # Download: ftp://wwwcatoderu/AIMP/aimp_251330zip # Tested on: Wind0ws XP SP3 # # ################################################## ...

# Exploit Title : AIMP2 Audio Converter Playlist (pls) BOF # Discovered by : mr_me (milw0rmcom/exploits/9561) # Author : corelanc0d3r # Author contact : (corelanc0d3r[at]gmail[dot]com) | wwwcorelanbe:8800 # Date : nov 7th, 2009 # Type : local and remote code execution # OS ...

#!/usr/bin/python # # ###################################################################### # Author contact : seeleymagic[at]hotmail[dot]com # ###################################################################### # # *** For educational purposes only *** # You have been warned # # My original crash breakdown: # # EAX 001B0020 UNICODE ...

CWE-119 http://www.vupen.com/english/advisories/2009/2530 http://secunia.com/advisories/35295 http://www.exploit-db.com/exploits/9561 https://nvd.nist.gov https://www.exploit-db.com/exploits/9561/

CVE-2009-3170

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect