CVE-2009-3201

Media Player Classic 6.4.9 - Denial of Service via Malformed MIDI File Header

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-3201. PoCs published by PLATEN.

AI-analyzed exploit summary This exploit generates a malicious .mid file that triggers an integer overflow in Media Player Classic 6.4.9, leading to potential remote code execution. The payload is crafted to exploit the vulnerability when the file is parsed.

Description

Integer overflow in Media Player Classic 6.4.9 allows user-assisted remote attackers to cause a denial of service (application crash) via a MIDI file (.mid) with a malformed header, which triggers a buffer overflow, a different vulnerability than CVE-2007-4940.

Exploits (1)

exploitdb WORKING POC VERIFIED

by PLATEN · perldoswindows

https://www.exploit-db.com/exploits/9620

View Code ZIP pw:eip

This exploit generates a malicious .mid file that triggers an integer overflow in Media Player Classic 6.4.9, leading to potential remote code execution. The payload is crafted to exploit the vulnerability when the file is parsed.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Media Player Classic 6.4.9

No auth needed

Prerequisites: Victim must open the malicious .mid file in Media Player Classic 6.4.9

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/9620

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/36333

Scores

EPSS 0.0192

EPSS Percentile 77.1%

Details

CWE

CWE-189

Status published

Products (1)

rob_schultz/media_player_classic 6.4.9

Published Sep 15, 2009

Tracked Since Feb 18, 2026