CVE-2009-1642

Mini-stream TO Mp3 Converter - Memory Corruption

Title source: rule

Description

Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in "prior to 3.1.3.7."

Exploits (6)

exploitdb WORKING POC VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/18781
exploitdb WORKING POC VERIFIED
by b0telh0 · pythonlocalwindows
https://www.exploit-db.com/exploits/11957
exploitdb WORKING POC VERIFIED
by Hazem mofeed · pythonlocalwindows
https://www.exploit-db.com/exploits/11958
exploitdb WORKING POC VERIFIED
by mat · perldoswindows
https://www.exploit-db.com/exploits/11930
exploitdb WORKING POC VERIFIED
by G4N0K · perllocalwindows
https://www.exploit-db.com/exploits/8629
exploitdb WORKING POC VERIFIED
by G4N0K · perllocalwindows
https://www.exploit-db.com/exploits/8630

References (6)

Scores

EPSS 0.3123
EPSS Percentile 96.8%

Details

CWE
CWE-119
Status published
Products (1)
mini-stream/mini-stream_to_mp3_converter 3.0.0.7
Published May 15, 2009
Tracked Since Feb 18, 2026