CVE-2009-1327

Mini-stream WM Downloader 3.0.0.9 - Stack-based Buffer Overflow via Long URI in Playlist File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 6 public exploits for CVE-2009-1327. PoCs published by Cyber-Zone, Stack.

AI-analyzed exploit summary This Perl script generates a malicious .M3U file that triggers a local stack overflow in WM Downloader when parsed. The exploit leverages a buffer overflow vulnerability (CVE-2009-1329) by crafting an overly long HTTP URL in the M3U file, leading to arbitrary code execution.

Description

Stack-based buffer overflow in Mini-stream WM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.

Exploits (6)

exploitdb WORKING POC VERIFIED
by Cyber-Zone · perldoswindows
https://www.exploit-db.com/exploits/8403

This Perl script generates a malicious .M3U file that triggers a local stack overflow in WM Downloader when parsed. The exploit leverages a buffer overflow vulnerability (CVE-2009-1329) by crafting an overly long HTTP URL in the M3U file, leading to arbitrary code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: WM Downloader (version unspecified)
No auth needed
Prerequisites: Victim must open the malicious .M3U file in WM Downloader
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Stack · clocalwindows
https://www.exploit-db.com/exploits/8411

This exploit targets a stack overflow vulnerability in WM Downloader 3.0.0.9 via a maliciously crafted .m3u file. It uses a universal return address and shellcode to achieve remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: WM Downloader 3.0.0.9
No auth needed
Prerequisites: Victim must open the maliciously crafted .m3u file
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
perldoswindows
https://www.exploit-db.com/exploits/8404

This Perl script generates a malicious .M3U file that triggers a local stack overflow in RM Downloader when parsed. The exploit uses a long HTTP URL (26109 'A' characters) to overwrite the stack, leading to arbitrary code execution (EIP control demonstrated with 0x41414141).

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: RM Downloader (version unspecified, likely <= 2009 release)
No auth needed
Prerequisites: Victim must open the crafted .M3U file with RM Downloader
devstral-2 · analyzed Feb 19, 2026 Full analysis →
exploitdb WORKING POC
perldoswindows
https://www.exploit-db.com/exploits/8405

This Perl script generates a malicious .M3U file that triggers a local stack overflow in Mini-stream RM-MP3 Converter when opened. The exploit uses a long HTTP URL string to overwrite the EIP register, demonstrating a classic buffer overflow vulnerability.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Mini-stream RM-MP3 Converter
No auth needed
Prerequisites: Victim must open the malicious .M3U file with the vulnerable software
devstral-2 · analyzed Feb 19, 2026 Full analysis →
exploitdb WORKING POC
perldoswindows
https://www.exploit-db.com/exploits/8402

This Perl script generates a malicious .M3U file that triggers a local stack overflow in Mini-stream Ripper when parsed. The exploit uses a long HTTP URL (26129 'A' characters) to overwrite the stack, leading to arbitrary code execution via EIP control.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Mini-stream Ripper (version unspecified)
No auth needed
Prerequisites: Victim must open the crafted .M3U file in Mini-stream Ripper
devstral-2 · analyzed Feb 19, 2026 Full analysis →
exploitdb WORKING POC
perldoswindows
https://www.exploit-db.com/exploits/8407

This Perl script generates a malicious .M3U file that triggers a local stack overflow in ASX to MP3 Converter when processed. The exploit uses a long HTTP URL (26121 'A' characters) to overwrite the EIP register, demonstrating a classic buffer overflow vulnerability.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: ASX to MP3 Converter (version unspecified)
No auth needed
Prerequisites: Victim must open the malicious .M3U file with ASX to MP3 Converter
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/49842
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34494
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34674
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/8411
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/8403

Scores

EPSS 0.2775
EPSS Percentile 96.6%

Details

CWE
CWE-119
Status published
Products (1)
mini-stream/wm_downloader 3.0.0.9
Published Apr 17, 2009
Tracked Since Feb 18, 2026