CVE-2009-20002

21.08.2025, 21:15

Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser.

Provider	Type	Base Score	Vector
NIST	NIST	UNKNOWN	---
VulnCheck	CNA	---	---
CISA-ADP	ADP	---	---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 22%

Common Weakness Enumeration

CWE-121 - Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

References

https://ccm.net/downloads/sound/5995-millennium-mp3-studio/

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/millenium_mp3_pls.rb

https://web.archive.org/web/20090731112010/http://www.milw0rm.com/exploits/9277

https://www.exploit-db.com/exploits/10240

https://www.exploit-db.com/exploits/9618

https://www.vulncheck.com/advisories/millenium-mp3-studio-pls-file-stack-based-buffer-overflow

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/fileformat/millenium_mp3_pls.rb

https://www.exploit-db.com/exploits/9618