vendor:
All to MP3 Converter
by:
m0nna
7.8
CVSS
HIGH
SEH overflow
119
CWE
Product Name: All to MP3 Converter
Affected Version From: <= 2.0.0
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: a-pdf.com/all-to-mp3
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP2
2011
A-PDF All to MP3 Converter v.2.0.0 SEH overflow
A-PDF All to MP3 Converter v.2.0.0 is vulnerable to a SEH overflow vulnerability. By crafting a .wav file and dragging it into the application, a calc.exe process can be spawned. This exploit was discovered by h1ch4m and was later modified by m0nna.
Mitigation:
Upgrade to the latest version of A-PDF All to MP3 Converter