CVE-2004-1569
published 2004-12-31CVE-2004-1569: Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerAmp Music Converter 10.0 allows remote…
PriorityP427medium4CVSS 2.0
AVNACHAuNCNIPAP
EXPLOIT
EPSS
4.74%
90.7th percentile
Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerAmp Music Converter 10.0 allows remote attackers to cause a denial of service or execute arbitrary code via a .pls or .m3u playlist that contains long File1 (filename) fields.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| illustrate | dbpoweramp_audio_player | — | — |
| illustrate | dbpoweramp_music_converter | <= 11.5 | — |
| illustrate | dbpoweramp_music_converter | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-5jg4-gfhx-2rxm: Buffer overflow in Illustrate dBpowerAMP Music Converter 11
ghsa_unreviewed·2022-05-01·CVSS 4.0
CVE-2005-4648 [MEDIUM] GHSA-5jg4-gfhx-2rxm: Buffer overflow in Illustrate dBpowerAMP Music Converter 11
Buffer overflow in Illustrate dBpowerAMP Music Converter 11.5 and earlier, possibly including (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe, allows user-assisted attackers to cause a denial of service or execute arbitrary code via a .m3u playlist with a long entry, possibly involving large field names, as demonstrated by SecuBox.Labs.m3u. NOTE: this issue might be the same as the .m3u vulnerability in CVE-2004-1569, but if so, then CD:SF-LOC suggests creating a different identifier since the .m3u issue would affect different versions than the .pls issue.
GHSA
GHSA-r63f-2f6c-mxvq: Buffer overflow in dBpowerAMP Audio Player Release 2 allows remote attackers to execute arbitrary code via a
ghsa_unreviewed·2022-05-01·CVSS 4.0
CVE-2008-0661 [MEDIUM] CWE-119 GHSA-r63f-2f6c-mxvq: Buffer overflow in dBpowerAMP Audio Player Release 2 allows remote attackers to execute arbitrary code via a
Buffer overflow in dBpowerAMP Audio Player Release 2 allows remote attackers to execute arbitrary code via a .M3U file with a long URI. NOTE: this might be the same issue as CVE-2004-1569.
GHSA
GHSA-cqh3-66qm-fc26: Buffer overflow in (1) MusicConverter
ghsa_unreviewed·2022-04-29
CVE-2004-1569 [MEDIUM] GHSA-cqh3-66qm-fc26: Buffer overflow in (1) MusicConverter
Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Player 2.0 and dbPowerAmp Music Converter 10.0 allows remote attackers to cause a denial of service or execute arbitrary code via a .pls or .m3u playlist that contains long File1 (filename) fields.
No detection rules found.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=109668542406346&w=2http://secunia.com/advisories/12684/http://www.gulftech.org/?node=research&article_id=00052-09272004http://www.securityfocus.com/bid/11266https://exchange.xforce.ibmcloud.com/vulnerabilities/17535https://exchange.xforce.ibmcloud.com/vulnerabilities/17539http://marc.info/?l=bugtraq&m=109668542406346&w=2http://secunia.com/advisories/12684/http://www.gulftech.org/?node=research&article_id=00052-09272004http://www.securityfocus.com/bid/11266https://exchange.xforce.ibmcloud.com/vulnerabilities/17535https://exchange.xforce.ibmcloud.com/vulnerabilities/17539
2004-12-31
Published