← back
CVE-2009-0476

CVE-2009-0476

EPSS 37.0%
Vexday Risk Score
50Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 37.0%KEV nãoPoC públicaNuclei Metasploit simPatch
Lifecycle
08 Feb 2009Published on NVD
24 Sep 2009Public PoC
08 Dec 2009Metasploit module available
Weaponization speed
227 daysto first PoC
302 daysto Metasploit module
Recommendation: Plan a near-term fix — a public PoC already exists.
Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedia Soft audio components for .NET, allows remote attackers to execute arbitrary code via a long string in a playlist (.pls) file, as originally reported for Euphonics Audio Player 1.0. NOTE: some of these details are obtained from third party information.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.