CVE-2008-0747

jetAudio Basic < 7.0.5 - Stack-based Buffer Overflow via Long URL in ASX File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-0747. PoCs published by D3V!L FUCKER, laurent gaffié.

AI-analyzed exploit summary This exploit generates a malformed ASX file with an excessively long URL to trigger a local crash in jetAudio v8.0.0.0 Basic. The PoC demonstrates a denial-of-service (DoS) condition by overwriting a buffer.

Description

Stack-based buffer overflow in COWON America jetAudio 7.0.5 and earlier allows user-assisted remote attackers to execute arbitrary code via a long URL in a .asx file, a different vulnerability than CVE-2007-5487.

Exploits (2)

exploitdb WORKING POC VERIFIED
by D3V!L FUCKER · perldoswindows
https://www.exploit-db.com/exploits/10650

This exploit generates a malformed ASX file with an excessively long URL to trigger a local crash in jetAudio v8.0.0.0 Basic. The PoC demonstrates a denial-of-service (DoS) condition by overwriting a buffer.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: jetAudio v8.0.0.0 Basic
No auth needed
Prerequisites: Local access to the target system · jetAudio v8.0.0.0 Basic installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by laurent gaffié · textdoswindows
https://www.exploit-db.com/exploits/5085

This exploit demonstrates a remote stack overflow in jetAudio <= 7.0.5 when parsing an ASX file with an overly long URL (1096 'A' characters). The PoC crashes the program by overwriting the ESI register, leading to an access violation.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: jetAudio <= 7.0.5
No auth needed
Prerequisites: Victim must open a maliciously crafted ASX file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3642
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28855
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/5085
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/487806/100/0/threaded
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0502
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27698

Scores

EPSS 0.0686
EPSS Percentile 93.2%

Details

CWE
CWE-119
Status published
Products (1)
cowon_america/jetaudio_basic < 7.0.5
Published Feb 13, 2008
Tracked Since Feb 18, 2026