CVE-2011-5043

Tomatosoft Free Mp3 Player - Improper Input Validation

Title source: rule

Description

TomatoSoft Free Mp3 Player 1.0 allows remote attackers to cause a denial of service (application crash) via a long string in an MP3 file, possibly a buffer overflow.

Exploits (1)

exploitdb WORKING POC

by JaMbA · perldoswindows

https://www.exploit-db.com/exploits/18254

View Code ZIP pw:eip

References (2)

[Exploit] http://www.exploit-db.com/exploits/18254

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/71870

Scores

EPSS 0.0973

EPSS Percentile 93.0%

Details

CWE

CWE-20

Status published

Products (1)

tomatosoft/free_mp3_player 1.0

Published Dec 30, 2011

Tracked Since Feb 18, 2026