CVE-2009-1645 – Mini-stream RM-MP3 Converter 3.0.0.7 - '.asx' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-1645
Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. Múltiples desbordamientos de búfer basados en pila en Mini-stream Easy RM-MP3 Converter v3.0.0.7 permiten a atacantes remotos ejecutar código de su elección a través de (1) una URL stsp larga en un fichero .ram y (2) una cadena larga en el atributo HREF de un elemento REF en un fichero .asx. • https://www.exploit-db.com/exploits/8634 https://www.exploit-db.com/exploits/8633 http://www.securityfocus.com/bid/34860 http://www.securityfocus.com/bid/34864 https://exchange.xforce.ibmcloud.com/vulnerabilities/50376 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-1330 – ASX to MP3 Converter - '.m3u' Local Stack Overflow (PoC)
https://notcve.org/view.php?id=CVE-2009-1330
Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file. Desbordamiento de búfer basado en pila en Easy RM a MP3 Converter permite a atacantes remotos ejecutar código de su elección mediante un nombre de fichero de gran tamaño en un fichero playlist (.pls). • https://www.exploit-db.com/exploits/8407 https://www.exploit-db.com/exploits/8402 https://www.exploit-db.com/exploits/8405 https://www.exploit-db.com/exploits/8404 https://www.exploit-db.com/exploits/8403 https://www.exploit-db.com/exploits/10619 https://www.exploit-db.com/exploits/8427 https://www.exploit-db.com/exploits/39933 https://www.exploit-db.com/exploits/10602 https://www.exploit-db.com/exploits/14550 https://github.com/war4uthor/CVE-2009-1330 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •