CVE-2017-15221
HIGHASX to MP3 Converter 3.1.3.7.2010.11.05 - Buffer Overflow via Crafted M3U File
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2017-15221. PoCs published by Parichay Rai.
AI-analyzed exploit summary This exploit generates a malicious .m3u file to trigger a buffer overflow in ASX to MP3 Converter 3.1.3.7.2010, leading to a bind shell on port 4444. It uses a crafted payload with NOP sleds and shellcode to overwrite EIP.
Description
ASX to MP3 converter 3.1.3.7.2010.11.05 has a buffer overflow via a crafted M3U file, a related issue to CVE-2009-1324.
Exploits (1)
exploitdb
WORKING POC
by Parichay Rai · pythonlocalwindows
https://www.exploit-db.com/exploits/42974
This exploit generates a malicious .m3u file to trigger a buffer overflow in ASX to MP3 Converter 3.1.3.7.2010, leading to a bind shell on port 4444. It uses a crafted payload with NOP sleds and shellcode to overwrite EIP.
Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target:
ASX to MP3 Converter 3.1.3.7.2010
No auth needed
Prerequisites:
Victim must open the malicious .m3u file with the vulnerable software
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (3)
Core 3
Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/144590/ASX-To-MP3-3.1.3.7-Buffer-Overflow.html
Exploit, Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/42974/
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/154788/ASX-To-MP3-Converter-3.1.3.7-Stack-Overflow.html
Scores
CVSS v3
7.8
EPSS
0.0546
EPSS Percentile
91.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (1)
asx_to_mp3_converter_project/asx_to_mp3_converter
3.1.3.7
Published
Oct 16, 2017
Tracked Since
Feb 18, 2026