CVE-2009-1641

Mini-stream Ripper - Memory Corruption

Title source: rule

Description

Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file.

Exploits (3)

exploitdb WORKING POC VERIFIED
by G4N0K · perllocalwindows
https://www.exploit-db.com/exploits/8631
exploitdb WORKING POC VERIFIED
by G4N0K · perllocalwindows
https://www.exploit-db.com/exploits/8632
metasploit WORKING POC NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/shadow_stream_recorder_bof.rb

References (5)

Scores

EPSS 0.6776
EPSS Percentile 98.6%

Details

CWE
CWE-119
Status published
Products (1)
mini-stream/ripper 3.0.1.1
Published May 15, 2009
Tracked Since Feb 18, 2026