Vulnerability Description
Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser.
Related Weaknesses (CWE)
References
- https://ccm.net/downloads/sound/5995-millennium-mp3-studio/
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exp
- https://web.archive.org/web/20090731112010/http://www.milw0rm.com/exploits/9277
- https://www.exploit-db.com/exploits/10240
- https://www.exploit-db.com/exploits/9618
- https://www.vulncheck.com/advisories/millenium-mp3-studio-pls-file-stack-based-b
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exp
- https://www.exploit-db.com/exploits/9618
FAQ
What is CVE-2009-20002?
CVE-2009-20002 is a documented vulnerability. Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File...
How severe is CVE-2009-20002?
CVSS scoring is not yet available for CVE-2009-20002. Check NVD for updates.
Is there a patch for CVE-2009-20002?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.