CVE-2009-4755 in Audio Player
Summary
by MITRE
Multiple stack-based buffer overflows in Mercury Audio Player 1.21 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .b4s or (2) .pls playlist file.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Analysis
by VulDB Data Team • 05/03/2026
The vulnerability identified as CVE-2009-4755 represents a critical stack-based buffer overflow flaw in Mercury Audio Player version 1.21 that exposes systems to remote code execution attacks. This vulnerability specifically affects the handling of playlist files with extensions .b4s and .pls, which are commonly used for organizing and playing audio content in various media applications. The flaw arises from inadequate input validation when processing malformed playlist data, creating opportunities for attackers to exploit memory corruption vulnerabilities.
The technical implementation of this vulnerability involves stack-based buffer overflows that occur when the Mercury Audio Player processes specially crafted playlist files containing excessively long strings. When the application attempts to parse these malformed files, it fails to properly bounds-check input data, allowing attackers to overwrite adjacent memory locations on the stack. This memory corruption can potentially overwrite return addresses, function pointers, or other critical program state information, enabling attackers to redirect program execution flow and execute arbitrary code with the privileges of the affected application.
From an operational perspective, this vulnerability presents significant risk to organizations relying on Mercury Audio Player for media playback operations, particularly in environments where users may encounter untrusted playlist files from external sources. The remote exploitation capability means that attackers can deliver malicious playlist files through various vectors including email attachments, web downloads, or compromised websites without requiring local system access. The vulnerability affects the application's playlist parsing functionality, making it particularly dangerous as users frequently interact with playlist files during normal media consumption activities.
The security implications extend beyond simple code execution to encompass potential privilege escalation and system compromise scenarios. According to CWE classification, this vulnerability maps to CWE-121 Stack-based Buffer Overflow, which is categorized as a fundamental memory safety issue that has been consistently identified as one of the most prevalent causes of application crashes and security breaches in software systems. The ATT&CK framework would classify this vulnerability under T1190 Exploit Public-Facing Application, as it targets a publicly accessible media player application that processes external input through playlist files.
Mitigation strategies for this vulnerability should prioritize immediate patching of affected systems, as the original vendor likely released security updates to address the buffer overflow conditions. Organizations should implement network-based controls such as filtering playlist file types at network boundaries and deploying application whitelisting solutions to restrict execution of untrusted media player applications. Additionally, user education regarding the dangers of opening playlist files from untrusted sources and regular security awareness training can help reduce exploitation success rates. System administrators should also consider implementing intrusion detection systems capable of identifying attempts to exploit this specific vulnerability pattern through malformed playlist file delivery. The vulnerability underscores the importance of proper input validation and memory safety practices in multimedia applications, particularly those handling user-provided content through file parsing mechanisms.