CVE-2009-1642

Mini-stream ASX to MP3 Converter 3.0.0.7 - Stack-based Buffer Overflow via Long rtsp URL or HREF Attribute

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 6 public exploits for CVE-2009-1642. PoCs published by Metasploit, b0telh0, Hazem mofeed.

AI-analyzed exploit summary This Metasploit module exploits a buffer overflow in Shadow Stream Recorder 3.0.1.7 by crafting a malicious ASX file. The exploit leverages a stack-based overflow to achieve arbitrary code execution under the context of the user.

Description

Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in "prior to 3.1.3.7."

Exploits (6)

exploitdb WORKING POC VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/18781

This Metasploit module exploits a buffer overflow in Shadow Stream Recorder 3.0.1.7 by crafting a malicious ASX file. The exploit leverages a stack-based overflow to achieve arbitrary code execution under the context of the user.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Shadow Stream Recorder 3.0.1.7
No auth needed
Prerequisites: Victim must open the malicious ASX file with Shadow Stream Recorder
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by b0telh0 · pythonlocalwindows
https://www.exploit-db.com/exploits/11957

This exploit targets a local buffer overflow in Shadow Stream Recorder 3.0.1.7 via a malformed .asx file. It leverages a JMP ESP instruction in USER32.dll to redirect execution to a calc.exe-payload shellcode.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Shadow Stream Recorder 3.0.1.7
No auth needed
Prerequisites: Victim must open the malicious .asx file in Shadow Stream Recorder
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Hazem mofeed · pythonlocalwindows
https://www.exploit-db.com/exploits/11958

This exploit targets a local stack overflow vulnerability in ASX to MP3 Converter Version 3.0.0.100 by crafting a malicious ASX file with a long HTTP URL followed by a return address and shellcode. The shellcode executes calc.exe as a proof of concept.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: ASX to MP3 Converter Version 3.0.0.100
No auth needed
Prerequisites: Victim must open the malicious ASX file with the vulnerable software
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by mat · perldoswindows
https://www.exploit-db.com/exploits/11930

This exploit demonstrates a local stack overflow vulnerability in ASX to MP3 Converter Version 3.0.0.100 by creating a malformed ASX file with an overly long HTTP URL, leading to EIP overwrite with 'A's (0x41).

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: ASX to MP3 Converter Version 3.0.0.100
No auth needed
Prerequisites: Local access to the target system · ASX to MP3 Converter Version 3.0.0.100 installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by G4N0K · perllocalwindows
https://www.exploit-db.com/exploits/8629

This Perl script exploits a local buffer overflow vulnerability in Mini-stream ASX to MP3 Converter 3.0.0.7 by crafting a malicious .RAM file with an oversized RTSP URL, followed by a NOP sled, return address, and shellcode to execute arbitrary commands (e.g., calc.exe).

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Mini-stream ASX to MP3 Converter 3.0.0.7
No auth needed
Prerequisites: Victim must open the malicious .RAM file in the vulnerable application
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by G4N0K · perllocalwindows
https://www.exploit-db.com/exploits/8630

This Perl script generates a malicious .ASX file that exploits a local buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 via an overly long HREF attribute, leading to arbitrary code execution (calc.exe payload).

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Mini-stream ASX to MP3 Converter 3.0.0.7
No auth needed
Prerequisites: Victim must open the malicious .ASX file with the vulnerable software
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (6)

Core 6
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34864
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/8630
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34860
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/50374
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/8629

Scores

EPSS 0.0686
EPSS Percentile 93.2%

Details

CWE
CWE-119
Status published
Products (1)
mini-stream/mini-stream_to_mp3_converter 3.0.0.7
Published May 15, 2009
Tracked Since Feb 18, 2026