CVE-2009-4656
E-Soft DJ Studio Pro <5.1.4.3.1 - Buffer Overflow
Stack-based buffer overflow in E-Soft DJ Studio Pro 4.2 including 4.2.2.7.5, and 5.x including 5.1.4.3.1, allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a playlist file (.pls) containing a long string. NOTE: some of these details are obtained from third party information.
Exploits (5)
exploitdb
WORKING POC
VERIFIED
by Metasploit · ruby · local · windows
https://www.exploit-db.com/exploits/18547
exploitdb
WORKING POC
VERIFIED
by Sébastien Duquette · ruby · local · windows
https://www.exploit-db.com/exploits/10827
exploitdb
WORKING POC
by Death-Shadow-Dark · ruby · local · windows
https://www.exploit-db.com/exploits/18501
metasploit
WORKING POC
NORMAL
by Sebastien Duquette · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/djstudio_pls_bof.rb
References (4)
Scores
EPSS
0.6842
EPSS Percentile
98.6%
Details
CWE
CWE-119
Status
published
Products (4)
e-soft.co/dj_studio_pro
4.2
e-soft.co/dj_studio_pro
4.2.2.7.5
e-soft.co/dj_studio_pro
5.1
e-soft.co/dj_studio_pro
5.1.4.3.1
Published
Mar 03, 2010
Tracked Since
Feb 18, 2026