MAGIX Music Editor Buffer Overflow Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A buffer overflow vulnerability has been identified in MAGIX Music Editor version 3.1, specifically within the FreeDB Proxy Options dialog. This vulnerability allows local attackers to execute arbitrary code by exploiting structured exception handling. To exploit this issue, an attacker can craft a malicious payload and paste it into the Server field via the CD menu's FreeDB Proxy Options. Code execution is triggered when the settings are accepted.
Impact
Exploitation of this vulnerability leads to a buffer overflow, allowing for arbitrary code execution on the affected system.
Reproduction
To reproduce this vulnerability, open MAGIX Music Editor 3.1 and navigate to the CD menu. Select 'FreeDB Proxy Options' and paste a crafted payload into the Server field. After accepting the settings, the payload is executed, demonstrating the buffer overflow exploit.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.