CVE-2009-0490

Audacity < 1.3.6 - Stack-based Buffer Overflow in String_parse::get_nonspace_quoted

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2009-0490. PoCs published by Encrypt3d.M!nd, mr_me, Houssamix.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Audacity 1.2.6 via a maliciously crafted .gro file. It uses a combination of NOP sleds, shellcode, and a specific return address to achieve remote code execution on Windows XP SP3.

Description

Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file containing a long string.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Encrypt3d.M!nd · pythonlocalwindows
https://www.exploit-db.com/exploits/10322

This exploit targets a buffer overflow vulnerability in Audacity 1.2.6 via a maliciously crafted .gro file. It uses a combination of NOP sleds, shellcode, and a specific return address to achieve remote code execution on Windows XP SP3.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Audacity 1.2.6
No auth needed
Prerequisites: Victim must open the malicious .gro file in Audacity 1.2.6
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by mr_me · pythonlocalwindows
https://www.exploit-db.com/exploits/9501

This exploit targets a buffer overflow vulnerability in Audacity <= 1.2 by crafting a malicious .gro file. It includes shellcode for a reverse shell to 192.168.2.3, demonstrating remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Audacity <= 1.2
No auth needed
Prerequisites: Victim must open the malicious .gro file in Audacity
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Houssamix · perldoswindows
https://www.exploit-db.com/exploits/7634

This Perl script generates a malformed .gro file with a long string of 'A' characters (2000 bytes) to trigger a local buffer overflow in Audacity 1.2.6 when importing the file via 'Project > Import MIDI'. The crash results in an access violation and SEH overwrite, as demonstrated by the provided register dump.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Audacity 1.2.6
No auth needed
Prerequisites: Local access to the target system · Audacity 1.2.6 installed · User interaction to import the malicious .gro file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7634
Broken Link vdb-entry x_refsource_osvdb
http://osvdb.org/51070
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/33090
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
Third Party Advisory x_refsource_confirm
http://bugs.gentoo.org/show_bug.cgi?id=253493
Broken Link vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0008
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33356

Scores

EPSS 0.1663
EPSS Percentile 96.6%

Details

CWE
CWE-787
Status published
Products (1)
audacityteam/audacity < 1.3.6
Published Feb 10, 2009
Tracked Since Feb 18, 2026