CVE-2010-2329
Rosoft Audio Converter 4.4.4 - Remote Code Execution via Long Playlist Entry in .m3u File
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-2329. PoCs published by blake.
AI-analyzed exploit summary This exploit leverages a buffer overflow in Rosoft Audio Converter 4.4.4 by crafting a malicious .m3u file. The payload includes shellcode to execute calc.exe and manipulates the SEH chain for control flow redirection.
Description
Buffer overflow in Rosoft Audio Converter 4.4.4 allows remote attackers to execute arbitrary code via a long playlist entry in a .m3u file.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by blake · pythonlocalwindows
https://www.exploit-db.com/exploits/13895
This exploit leverages a buffer overflow in Rosoft Audio Converter 4.4.4 by crafting a malicious .m3u file. The payload includes shellcode to execute calc.exe and manipulates the SEH chain for control flow redirection.
Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target:
Rosoft Audio Converter 4.4.4
No auth needed
Prerequisites:
Victim must open the malicious .m3u file in Rosoft Audio Converter
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/65542
Exploit x_refsource_misc
http://packetstormsecurity.org/1006-exploits/rosoft444-overflow.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/59483
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40195
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/40878
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/13895
Scores
EPSS
0.0677
EPSS Percentile
93.2%
Details
CWE
CWE-119
Status
published
Products (1)
rosoftengineering/rosoft_audio_converter
4.4.4
Published
Jun 18, 2010
Tracked Since
Feb 18, 2026