Description
Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Molotov · pythonlocalwindows
https://www.exploit-db.com/exploits/10240
exploitdb
WORKING POC
VERIFIED
by hack4love · pythonlocalwindows
https://www.exploit-db.com/exploits/9618
metasploit
WORKING POC
GREAT
by Molotov, dookie, jduck · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/millenium_mp3_pls.rb
References (6)
Scores
CVSS v4
8.4
EPSS
0.1996
EPSS Percentile
95.5%
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-121
Status
published
Products (1)
Millenium/MP3 Studio
< 2.0
Published
Aug 21, 2025
Tracked Since
Feb 18, 2026