CVE-2009-3338

EffectMatrix Magic Morph 1.95b - Stack-Based Buffer Overflow via .mor File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-3338. PoCs published by fl0 fl0w.

AI-analyzed exploit summary This is a proof-of-concept exploit for a stack-based buffer overflow in E.M Magic Morph 1.95b via a malformed .MOR file. The code demonstrates control over EIP and ECX registers, with detailed stack analysis and offset calculations.

Description

Stack-based buffer overflow in EffectMatrix (E.M.) Magic Morph 1.95b allows remote attackers to execute arbitrary code via a long string in a .mor file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by fl0 fl0w · c++localwindows

https://www.exploit-db.com/exploits/9659

View Code ZIP pw:eip

This is a proof-of-concept exploit for a stack-based buffer overflow in E.M Magic Morph 1.95b via a malformed .MOR file. The code demonstrates control over EIP and ECX registers, with detailed stack analysis and offset calculations.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: E.M Magic Morph 1.95b

No auth needed

Prerequisites: Victim must open a maliciously crafted .MOR file

MITRE ATT&CK

T1210 - Exploitation of Remote Services T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/36721

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/9659

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2009/2658

Scores

EPSS 0.1160

EPSS Percentile 93.8%

Details

CWE

CWE-119

Status published

Products (1)

effectmatrix/magic_morph 1.95b

Published Sep 24, 2009

Tracked Since Feb 18, 2026