CVE-2011-10024

HIGH

MJM Core Player 2011 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2011-10024. PoCs published by Metasploit, rick2600, including Metasploit module exploits/windows/fileformat/mjm_coreplayer2011_s3m.

AI-analyzed exploit summary This is a functional Metasploit exploit module for CVE-2011-10024, targeting a stack buffer overflow in MJM Core Player 2011 via a malicious .s3m file. It includes ROP chains to bypass DEP and ASLR, achieving arbitrary code execution on Windows XP, Vista, and 7.

Description

MJM Core Player (likely now referred to as MJM Player) 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute arbitrary code. Exploitation is triggered when a user opens a malicious .s3m file, and the exploit bypasses DEP and ASLR protections using a ROP chain.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/17230

View Code ZIP pw:eip

This is a functional Metasploit exploit module for CVE-2011-10024, targeting a stack buffer overflow in MJM Core Player 2011 via a malicious .s3m file. It includes ROP chains to bypass DEP and ASLR, achieving arbitrary code execution on Windows XP, Vista, and 7.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: MJM Core Player 2011

No auth needed

Prerequisites: Victim must open the malicious .s3m file in MJM Core Player 2011

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

metasploit WORKING POC GOOD

by rick2600 · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rb

View Code ZIP pw:eip

This Metasploit module exploits a stack buffer overflow in MJM Core Player 2011 via a malicious .s3m file, achieving arbitrary code execution by bypassing DEP and ASLR on Windows XP, Vista, and 7.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: MJM Core Player 2011

No auth needed

Prerequisites: Victim must open the malicious .s3m file in MJM Core Player 2011

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Various Sources product

https://mjm-software.com

Various Sources technical-description exploit

https://web.archive.org/web/20111016195816/https://www.corelan.be/index.php/forum/security-advisories/corelan-11-004-mjm-core-multimedia-suite-2011-2-4-stack-buffer-overflow-s3m/

Various Sources exploit

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/mjm_coreplayer2011_s3m.rb

Exploit, Third Party Advisory exploit

https://www.exploit-db.com/exploits/17230

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/mjm-core-player-file-stack-based-buffer-overflow

Scores

CVSS v4 8.4

EPSS 0.0033

EPSS Percentile 24.6%

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-121

Status published

Products (1)

MJM Software/Core Player 2011

Published Aug 20, 2025

Tracked Since Feb 18, 2026