CVE-2009-1324
Mini-stream ASX to MP3 Converter 3.0.0.7 - Stack-based Buffer Overflow via Long URI in Playlist File
Title source: llmExploitation Summary
EIP tracks 8 public exploits for CVE-2009-1324. PoCs published by Amir Tavakolian, Cyber-Zone, Stack.
AI-analyzed exploit summary This exploit targets a stack buffer overflow in ASX to MP3 Converter 2.7.5 by crafting a malicious .m3u file with a large payload, including shellcode for remote code execution. The exploit leverages a known return address (0x73e848a7) to redirect execution flow.
Description
Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
Exploits (8)
This exploit targets a stack buffer overflow in ASX to MP3 Converter 2.7.5 by crafting a malicious .m3u file with a large payload, including shellcode for remote code execution. The exploit leverages a known return address (0x73e848a7) to redirect execution flow.
This Perl script generates a malicious .M3U file that triggers a local stack overflow in ASX to MP3 Converter when processed. The exploit uses a long HTTP URL string (26121 'A' characters) to overwrite the stack, leading to arbitrary code execution (EIP control).
This exploit targets a stack overflow vulnerability in ASX to MP3 Converter Version 3.0.0.7 via a maliciously crafted .m3u file. It uses a long HTTP URL followed by a return address and shellcode to achieve remote code execution.
This repository contains a functional exploit for CVE-2009-1324, a buffer overflow vulnerability in ASX to MP3 Converter. The Python script generates a malicious .m3u file with a crafted payload to trigger the overflow and execute arbitrary code via a JMP ESP instruction from MFC42.dll.
This Perl script generates a malicious .M3U file that triggers a local stack overflow in WM Downloader when parsed, leading to arbitrary code execution. The exploit leverages a buffer overflow vulnerability by crafting an overly long HTTP URL in the M3U file.
This Perl script generates a malicious .M3U file that triggers a local stack overflow in RM Downloader when parsed. The exploit uses a long HTTP URL (26109 'A' characters) to overwrite the EIP register, demonstrating a classic buffer overflow vulnerability.
This Perl script generates a malicious .M3U file that triggers a local stack overflow in Mini-stream RM-MP3 Converter when parsed. The exploit uses a long HTTP URL string (26121 'A' characters) to overwrite the EIP register, demonstrating a classic buffer overflow vulnerability.
This Perl script generates a malicious .M3U file that triggers a local stack overflow in Mini-stream Ripper when parsed. The exploit uses a long HTTP URL (26129 'A' characters) to overwrite the EIP register, demonstrating a classic buffer overflow vulnerability.