CVE-2009-3254

Ultimatevideosite Ultimate Player - Memory Corruption

Title source: rule

Description

Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by hack4love · perllocalwindows

https://www.exploit-db.com/exploits/9548

View Code ZIP pw:eip

References (2)

[Vendor Advisory] http://www.vupen.com/english/advisories/2009/2491

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/9548

Scores

EPSS 0.1866

EPSS Percentile 95.3%

Details

CWE

CWE-119

Status published

Products (1)

ultimatevideosite/ultimate_player 1.56 beta

Published Sep 18, 2009

Tracked Since Feb 18, 2026