CVE-2009-5109
Mini-Stream Ripper 3.0.1.1 - Stack-Based Buffer Overflow via .pls File
Exploitation Summary
EIP tracks 5 public exploits for CVE-2009-5109.
PoCs published by Metasploit, jacky, mr_me, including Metasploit module exploits/windows/misc/mini_stream.
AI-analyzed exploit summary: This Metasploit module exploits a stack buffer overflow in Mini-Stream 3.0.1.1 by crafting a malicious PLS file, allowing arbitrary code execution via a JMP ESP instruction in USER32.dll or SHELL32.dll.
Description
Stack-based buffer overflow in Mini-Stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long entry in a .pls file.
Exploits (5)
This Metasploit module exploits a stack buffer overflow in Mini-Stream 3.0.1.1 by crafting a malicious PLS file, allowing arbitrary code execution via a JMP ESP instruction in USER32.dll or SHELL32.dll.
This exploit demonstrates a buffer overflow vulnerability in Mini-Stream Ripper v3.0.1.1 by crafting a malicious .pls file with a long string of 'A's to overwrite EIP and redirect execution to shellcode at the address held in the ESP register. The exploit uses a universal return address from MSRcodec00.dll to achieve reliable code execution.
This exploit demonstrates a local buffer overflow vulnerability in Mini-Stream Ripper 3.0.1.1 by crafting a malicious .pls file that triggers a stack-based overflow, leading to arbitrary code execution via a reverse shell payload.
This exploit targets a buffer overflow vulnerability in Mini-Stream 3.0.1.1 by crafting a malicious .pls file with a long shellcode payload and a JMP ESP address to achieve remote code execution on Windows XP SP2/SP3.
This Metasploit module exploits a stack buffer overflow in Mini-Stream 3.0.1.1 by crafting a malicious PLS file, allowing arbitrary code execution via a JMP ESP instruction in USER32.dll or SHELL32.dll.