CVE-2009-2550

Hamster Audio Player 0.3a - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2009-2550. PoCs published by ThE g0bL!N.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Hamster Audio Player 0.3a via a crafted M3U file. It leverages SEH overwrites and includes shellcode to execute arbitrary commands (e.g., calc.exe).

Description

Stack-based buffer overflow in Hamster Audio Player 0.3a allows remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .hpl playlist file.

Exploits (2)

exploitdb WORKING POC VERIFIED

by ThE g0bL!N · perllocalwindows

https://www.exploit-db.com/exploits/9172

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Hamster Audio Player 0.3a via a crafted M3U file. It leverages SEH overwrites and includes shellcode to execute arbitrary commands (e.g., calc.exe).

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Hamster Audio Player 0.3a

No auth needed

Prerequisites: Victim must open the malicious M3U file with Hamster Audio Player 0.3a

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by ThE g0bL!N · perldoswindows

https://www.exploit-db.com/exploits/9157

View Code ZIP pw:eip

This exploit is a local buffer overflow PoC for Hamster Audio Player 0.3a. It creates a malicious .m3u file with a long string of 'A' characters (4113 bytes) to trigger a crash, demonstrating the vulnerability.