CVE-2009-1645

Name of the Vulnerable Software and Affected Versions: Mini-stream Easy RM-MP3 Converter version 3.0.0.7

Description: The issue is related to multiple stack-based buffer overflows that allow remote attackers to execute arbitrary code. This can be achieved via a long rtsp URL in a .ram file or a long string in the HREF attribute of a REF element in a .asx file.

Recommendations: For Mini-stream Easy RM-MP3 Converter version 3.0.0.7, consider updating to a newer version that addresses these buffer overflows. As a temporary workaround, restrict the handling of .ram and .asx files to minimize the risk of exploitation. Avoid using long rtsp URLs in .ram files and long strings in the HREF attribute of REF elements in .asx files until the issue is resolved.