CVE-2009-4676

JetAudio <7.5.3.15 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-4676. PoCs published by Nine:Situations:Group.

AI-analyzed exploit summary This exploit targets a heap buffer overflow in COWON America jetCast 2.0.4.1109 via a malformed .mp3 file with an overlong ID3 tag. It achieves arbitrary code execution by redirecting execution flow to a controlled buffer containing shellcode.

Description

Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nine:Situations:Group · phplocalwindows

https://www.exploit-db.com/exploits/8780

View Code ZIP pw:eip

This exploit targets a heap buffer overflow in COWON America jetCast 2.0.4.1109 via a malformed .mp3 file with an overlong ID3 tag. It achieves arbitrary code execution by redirecting execution flow to a controlled buffer containing shellcode.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Racy

Target: COWON America jetCast 2.0.4.1109 (JetAudio pack v.7.5.2)

No auth needed

Prerequisites: Victim must open the malformed .mp3 file in jetCast

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/35195

Scores

EPSS 0.0404

EPSS Percentile 89.3%

Details

CWE

CWE-119

Status published

Products (2)

cowon_america/jetaudio 7.5.2

cowon_america/jetaudio 7.5.3.15

Published Mar 05, 2010

Tracked Since Feb 18, 2026