cbcvebase.
CVE-2009-20002
published 2025-08-21

CVE-2009-20002: Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to…

PriorityP349high8.4CVSS 4.0
AVLACLATNPRNUIAVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EXPLOIT
EPSS
0.45%
36.1th percentile
Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser.

Affected

1 ranges
VendorProductVersion rangeFixed in
milleniummp3_studio<= 2.0

Detection & IOCsextracted from sources · hover to see the quote

filename.pls
otherFile1 field overflow in .pls playlist
  • Monitor for abnormally large File1 field values within .pls playlist files opened by Millenium MP3 Studio, which may indicate an SEH overwrite attempt.
  • Alert on .pls files being delivered via browser or email to systems where the .pls extension is registered to Millenium MP3 Studio, as this enables a remote attack vector.
  • Detect exploitation attempts using the Metasploit module 'exploits/windows/fileformat/millenium_mp3_pls' targeting Millenium MP3 Studio 2.0.
  • ·Remote browser-based exploitation via registered .pls extension has not been confirmed functional in the Metasploit module.
  • ·Exploitation requires local file open by the victim; remote execution is conditional on the .pls extension being registered to the application.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.