Primary

Context

Ether MP3 CD Burner Buffer Overflow Vulnerability Allowing Remote Code Execution

Vulnerability

A buffer overflow vulnerability has been identified in Ether MP3 CD Burner version 1.3.8. The issue resides in the registration name field, where improper input validation allows attackers to craft malicious payloads that overwrite Structured Exception Handling (SEH) handlers. This exploitation can lead to remote code execution, with the possibility of executing a bind shell on port 3110.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected system.

Reproduction

The vulnerability can be reproduced by using a Python script to create a payload that exploits the buffer overflow. This payload should be saved into a text file, which is then copied to the clipboard. After opening the Ether MP3 CD Burner application and pasting the payload into the registration field, clicking 'OK' will trigger the exploit. A bind shell can then be accessed on port 3110.

Added: Jan 16, 2026, 12:52 AM

Updated: Jan 16, 2026, 12:52 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.0

remediation

0.0

relevance

2.1

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.0

remediation

0.0

relevance

2.1

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ether MP3 CD Burner Buffer Overflow Vulnerability Allowing Remote Code Execution

Vulnerability

Impact

Reproduction

Affected Products

Ether MP3 CD Burner

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating