CVE-2010-2343

Dennisre Audio Converter - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in D.R. Software Audio Converter 8.1, 2007, and 8.05 allows remote attackers to execute arbitrary code via a crafted pls playlist file.

Exploits (5)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/31643

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by chap0 · perllocalwindows

https://www.exploit-db.com/exploits/13761

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by sud0 · perllocalwindows

https://www.exploit-db.com/exploits/13763

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by sud0 · pythonlocalwindows

https://www.exploit-db.com/exploits/13760

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by chap0, Gabor Seljan, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/easycdda_pls_bof.rb

View Code ZIP pw:eip

References (9)

[Vendor Advisory] http://secunia.com/advisories/40081

[Various Sources] http://www.corelan.be:8800/index.php/forum/security-advisories/corelan-10-048-d-r-software-multiple-products/

[Exploit] http://www.exploit-db.com/exploits/13760

[Exploit] http://www.exploit-db.com/exploits/13763

[Exploit] http://www.securityfocus.com/bid/40618

[Vendor Advisory] http://www.vupen.com/english/advisories/2010/1387

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/40631

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/59206

[Third Party Advisory, VDB Entry] http://osvdb.org/65256

Scores

EPSS 0.7684

EPSS Percentile 99.0%

Details

CWE

CWE-119

Status published

Products (3)

dennisre/audio_converter 8.1

dennisre/audio_converter 8.05

dennisre/audio_converter 2007

Published Jun 21, 2010

Tracked Since Feb 18, 2026