Home

Description

Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser.

PUBLISHED Reserved 2025-08-21 | Published 2025-08-21 | Updated 2025-08-22 | Assigner VulnCheck




HIGH: 8.4CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-121: Stack-based Buffer Overflow

Product status

Default status
unaffected

*
affected

Credits

hack4love finder

References

raw.githubusercontent.com/...fileformat/millenium_mp3_pls.rb exploit

www.exploit-db.com/exploits/9618 exploit

www.exploit-db.com/exploits/10240 exploit

web.archive.org/...2010/http://www.milw0rm.com/exploits/9277 exploit

ccm.net/downloads/sound/5995-millennium-mp3-studio/ product

www.vulncheck.com/...io-pls-file-stack-based-buffer-overflow third-party-advisory

cve.org (CVE-2009-20002)

nvd.nist.gov (CVE-2009-20002)

Download JSON