CVE-2009-2961

Kolmck Kol Player - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in Thaddy de Konng KOL Player 1.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URL in a .MP3 playlist file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Evil.Man · perldoswindows

https://www.exploit-db.com/exploits/9467

View Code ZIP pw:eip

References (2)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/52629

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/9467

Scores

EPSS 0.1724

EPSS Percentile 95.0%

Details

CWE

CWE-119

Status published

Products (1)

kolmck/kol_player 1.0

Published Aug 25, 2009

Tracked Since Feb 18, 2026