CVE-2009-1039

Cdex - Memory Corruption

Title source: rule

Description

Buffer overflow in CDex 1.70b2 allows remote attackers to execute arbitrary code via a crafted Info header in an Ogg Vorbis (.ogg) file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nine:Situations:Group · phplocalwindows

https://www.exploit-db.com/exploits/8231

View Code ZIP pw:eip

References (6)

[Exploit] http://retrogod.altervista.org/9sg_cdex_ogg.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/49304

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/501928/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/34164

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/8231

[Third Party Advisory, VDB Entry] http://osvdb.org/52812

Scores

EPSS 0.2217

EPSS Percentile 95.8%

Details

CWE

CWE-119

Status published

Products (1)

cdexos/cdex 170b2

Published Mar 20, 2009

Tracked Since Feb 18, 2026