CVE-2009-20003

HIGH

Xenorate <= 2.50 - Stack-based Buffer Overflow via .xpl Playlist File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2009-20003. PoCs published by loneferret germaya_x, germaya_x, including Metasploit module exploits/windows/fileformat/xenorate_xpl_bof.

AI-analyzed exploit summary This is a Metasploit module exploiting a stack-based buffer overflow in Xenorate 2.50 via a maliciously crafted .xpl file. It leverages SEH overwrite to achieve arbitrary code execution on Windows XP SP2/SP3.

Description

Xenorate versions up to and including 2.50, a Windows-based multimedia player, is vulnerable to a stack-based buffer overflow when processing .xpl playlist files. The application fails to properly validate the length of input data, allowing an attacker to craft a malicious .xpl file that overwrites the Structured Exception Handler (SEH) and enables arbitrary code execution. Exploitation requires local interaction, typically by convincing a user to open the crafted file.

Exploits (3)

exploitdb WORKING POC VERIFIED
by loneferret germaya_x · rubylocalwindows
https://www.exploit-db.com/exploits/10373

This is a Metasploit module exploiting a stack-based buffer overflow in Xenorate 2.50 via a maliciously crafted .xpl file. It leverages SEH overwrite to achieve arbitrary code execution on Windows XP SP2/SP3.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Xenorate 2.50
No auth needed
Prerequisites: Victim must open the malicious .xpl file
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by germaya_x · perllocalwindows
https://www.exploit-db.com/exploits/10371

This Perl script exploits a local buffer overflow vulnerability in Xenorate 2.5.0 via SEH overwrite, delivering a Metasploit-generated calc.exe payload. The exploit constructs a malicious .xpl file with a crafted buffer, SEH handler, and shellcode.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Xenorate 2.5.0
No auth needed
Prerequisites: Local access to the target system · Xenorate 2.5.0 installed
devstral-2 · analyzed Feb 18, 2026 Full analysis →
metasploit WORKING POC GREAT
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/xenorate_xpl_bof.rb

This Metasploit module exploits a stack buffer overflow in Xenorate 2.50 via a crafted .xpl file, leveraging SEH overwrites for arbitrary code execution. It targets Windows XP SP2/SP3 using a known return address in bass.dll.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Xenorate 2.50
No auth needed
Prerequisites: Victim must open the malicious .xpl file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7

Scores

CVSS v4 8.4
EPSS 0.0031
EPSS Percentile 22.5%
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-121
Status published
Products (1)
Xenorate/Xenorate < 2.50
Published Aug 21, 2025
Tracked Since Feb 18, 2026