CVE-2009-1645 – Mini-stream RM-MP3 Converter 3.0.0.7 - '.asx' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-1645
Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. Múltiples desbordamientos de búfer basados en pila en Mini-stream Easy RM-MP3 Converter v3.0.0.7 permiten a atacantes remotos ejecutar código de su elección a través de (1) una URL stsp larga en un fichero .ram y (2) una cadena larga en el atributo HREF de un elemento REF en un fichero .asx. • https://www.exploit-db.com/exploits/8634 https://www.exploit-db.com/exploits/8633 http://www.securityfocus.com/bid/34860 http://www.securityfocus.com/bid/34864 https://exchange.xforce.ibmcloud.com/vulnerabilities/50376 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-1328 – ASX to MP3 Converter - '.m3u' Local Stack Overflow (PoC)
https://notcve.org/view.php?id=CVE-2009-1328
Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. Desbordamiento de búfer basado en pila en Mini-stream RM-MP3 Converter 3.0.0.7 permite a atacantes remotos ejecutar código de su elección mediante una URI de gran tamaño en un fichero playlist (.m3u). • https://www.exploit-db.com/exploits/8407 https://www.exploit-db.com/exploits/8402 https://www.exploit-db.com/exploits/8405 https://www.exploit-db.com/exploits/8404 https://www.exploit-db.com/exploits/8403 https://www.exploit-db.com/exploits/8413 https://www.exploit-db.com/exploits/20116 http://secunia.com/advisories/34653 http://www.securityfocus.com/bid/34494 https://exchange.xforce.ibmcloud.com/vulnerabilities/49841 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •