CVE-2013-7280

HansoTools Hanso Player <2.5.0 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-7280. PoCs published by Necmettin COSKUN, metacom.

AI-analyzed exploit summary This code generates a malformed M3U file with a 240-byte buffer of 'A' characters, intended to trigger a buffer overflow in Hanso Player 2.5.0. However, it lacks a payload or return address manipulation, making it a non-functional stub.

Description

Buffer overflow in HansoTools Hanso Player 2.1.0, 2.5.0, and earlier allows remote attackers to cause a denial of service (crash) via a long string in a .m3u file.

Exploits (2)

exploitdb STUB VERIFIED

by Necmettin COSKUN · rubydoswindows

https://www.exploit-db.com/exploits/29445

View Code ZIP pw:eip

This code generates a malformed M3U file with a 240-byte buffer of 'A' characters, intended to trigger a buffer overflow in Hanso Player 2.5.0. However, it lacks a payload or return address manipulation, making it a non-functional stub.

Classification

Stub 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Theoretical

Target: Hanso Player 2.5.0

No auth needed

Prerequisites: Victim must open the malformed M3U file in Hanso Player 2.5.0

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by metacom · pythondoswindows

https://www.exploit-db.com/exploits/24556

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow vulnerability in Hanso Player 2.1.0 by creating a malicious .m3u file with a large payload of 'A' characters. The exploit is designed to crash the application and potentially execute arbitrary code.