CVE-2009-4668

jetAudio <7.5.3.15 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-4668. PoCs published by Nine:Situations:Group.

AI-analyzed exploit summary This exploit targets a heap buffer overflow in COWON America jetCast 2.0.4.1109 via a malformed .mp3 file with an overlong ID3 tag. It achieves arbitrary code execution by redirecting execution flow to a controlled buffer containing shellcode.

Description

Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Nine:Situations:Group · phplocalwindows
https://www.exploit-db.com/exploits/8780

This exploit targets a heap buffer overflow in COWON America jetCast 2.0.4.1109 via a malformed .mp3 file with an overlong ID3 tag. It achieves arbitrary code execution by redirecting execution flow to a controlled buffer containing shellcode.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Complex
Reliability
Racy
Target: COWON America jetCast 2.0.4.1109 (JetAudio pack v.7.5.2)
No auth needed
Prerequisites: Victim must open the malformed .mp3 file in jetCast
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/503826/100/0/threaded
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/8780
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/35195

Scores

EPSS 0.0559
EPSS Percentile 91.9%

Details

CWE
CWE-119
Status published
Products (2)
cowon_america/jetaudio 7.5.2
cowon_america/jetaudio 7.5.3.15
Published Mar 05, 2010
Tracked Since Feb 18, 2026