Free MP3 CD Ripper 2.8 contains a stack-based buffer overflow vulnerability in WMA file processing that allows local attackers to bypass DEP…
The Free MP3 CD Ripper application has a vulnerability that allows a local attacker to bypass DEP protection and execute arbitrary code. This is possible due to a stack-based buffer overflow in WMA file processing, which can be triggered by a crafted malicious WMA file. This can lead to a complete takeover of the system.
Free MP3 CD Ripper 2.8 contains a stack-based buffer overflow vulnerability in WMA file processing that allows local attackers to bypass DEP protection via structured exception handling manipulation. Attackers can craft a malicious WMA file that triggers the overflow when loaded through the Convert function, enabling execution of arbitrary code through ROP chain gadgets and shellcode injection.
Users of the Free MP3 CD Ripper application are at high risk of arbitrary code execution and potential system takeover due to the buffer overflow vulnerability.
Remediation Recommended
This vulnerability carries significant risk. Schedule patching in your next cycle.
What should I do?
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0
Affected Products
3
References
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability
Impact