CVE-2009-0833

Winamp 5.541 - gen_msn.dll Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-0833. PoCs published by SkD.

AI-analyzed exploit summary This exploit leverages a heap buffer overflow in the WinAmp GEN_MSN plugin by crafting a malicious .PLS playlist file with an overly long URL. The overflow occurs when the plugin processes the 'File1' field, allowing control over the ECX register and potentially leading to arbitrary code execution.

Description

Heap-based buffer overflow in gen_msn.dll in the gen_msn plugin 0.31 for Winamp 5.541 allows remote attackers to execute arbitrary code via a playlist (.pls) file with a long URL in the File1 field. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED
by SkD · perldoswindows
https://www.exploit-db.com/exploits/7696

This exploit leverages a heap buffer overflow in the WinAmp GEN_MSN plugin by crafting a malicious .PLS playlist file with an overly long URL. The overflow occurs when the plugin processes the 'File1' field, allowing control over the ECX register and potentially leading to arbitrary code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: WinAmp GEN_MSN Plugin (version unspecified)
No auth needed
Prerequisites: WinAmp with GEN_MSN plugin installed · Victim must open the malicious .PLS file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/7696
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/33159
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/33425
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15659

Scores

EPSS 0.0930
EPSS Percentile 94.7%

Details

CWE
CWE-119
Status published
Products (1)
myplugins/gen_msn 0.31
Published Mar 05, 2009
Tracked Since Feb 18, 2026