CVE-2008-3877
published 2008-09-02CVE-2008-3877: Stack-based buffer overflow in Acoustica Mixcraft 4.1 Build 96 and 4.2 Build 98 allows user-assisted attackers to execute arbitrary code via a crafted .mx4…
PriorityP343critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
9.95%
95.0th percentile
Stack-based buffer overflow in Acoustica Mixcraft 4.1 Build 96 and 4.2 Build 98 allows user-assisted attackers to execute arbitrary code via a crafted .mx4 file. NOTE: it was later reported that version 3 is also affected.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| acoustica | mixcraft | — | — |
| acoustica | mixcraft | — | — |
| acoustica | mixcraft | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Acoustica Mixcraft 4.2 - Universal Stack Overflow (SEH)
exploitdb·2008-12-24
CVE-2008-3877 Acoustica Mixcraft 4.2 - Universal Stack Overflow (SEH)
Acoustica Mixcraft 4.2 - Universal Stack Overflow (SEH)
---
#!/usr/bin/perl
#
# Acoustica Mixcraft s.mx4");
binmode $mx4_file;
print $mx4_file $mx4_data1.
$overflow1.$short_jmp.$ret.$nop_sled.$shellcode.$overflow2.
$mx4_data2;
close($mx4_file);
# milw0rm.com [2008-12-24]
Exploit-DB
Acoustica Mixcraft 4.2 Build 98 - 'mx4' Local Buffer Overflow
exploitdb·2008-08-28
CVE-2008-3877 Acoustica Mixcraft 4.2 Build 98 - 'mx4' Local Buffer Overflow
Acoustica Mixcraft 4.2 Build 98 - 'mx4' Local Buffer Overflow
---
#!/usr/bin/perl
#
# Acoustica Mixcraft (mx4 file) Local Buffer Overflow Exploit
# Author: Koshi
#
# Date: 08-28-08 ( 0day )
# Application: Acoustica Mixcraft
# Version(s): (Possibly Older) / 4.1 Build 96 / 4.2 Build 98
# Site: http://acoustica.com/mixcraft/download.htm
# Tested On: Windows XP SP3 Fully Patched
#
# A vulnerability exists in an unchecked buffer located in the
# project files (.mx4) for Acoustica Mixcraft4. The buffer should
# contain the file name of an image located in
# "C:\Program Files\Acoustica Mixcraft 4\mixrez\icons" on a default
# install of Mixcraft, and would be used as the icon for a specific
# "track" or "instrument" in Mixcraft.
#
# gr33tz: Rima my baby, str0ke, breaker_unit, mess', and my dude
No writeups or analysis indexed.
http://secunia.com/advisories/31595http://securityreason.com/securityalert/4199http://www.securityfocus.com/bid/30879http://www.securityfocus.com/bid/33012https://exchange.xforce.ibmcloud.com/vulnerabilities/44751https://www.exploit-db.com/exploits/6322https://www.exploit-db.com/exploits/7577http://secunia.com/advisories/31595http://securityreason.com/securityalert/4199http://www.securityfocus.com/bid/30879http://www.securityfocus.com/bid/33012https://exchange.xforce.ibmcloud.com/vulnerabilities/44751https://www.exploit-db.com/exploits/6322https://www.exploit-db.com/exploits/7577
2008-09-02
Published