ABBS Software Audio Media Player Stack-based Buffer Overflow
Description
ABBS Software Audio Media Player version 3.1 suffers from an instance of CWE-121: Stack-based Buffer Overflow.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ABBS Audio Media Player 3.1 contains a stack-based buffer overflow in .lst file parsing, enabling remote code execution via a crafted playlist file.
Vulnerability
ABBS Audio Media Player version 3.1 suffers from a stack-based buffer overflow (CWE-121) when processing specially crafted .lst playlist files. The vulnerability resides in the file parsing routine and is triggered when the application reads a malicious .lst file. No special configuration is required; the code path is reachable simply by opening the file. [1]
Exploitation
An attacker can exploit this vulnerability by crafting a malicious .lst file and convincing a user to open it with ABBS Audio Media Player. No authentication or network access is needed beyond delivering the file (e.g., via email, download, or removable media). Upon opening the file, the overflow occurs, allowing the attacker to execute arbitrary code with the privileges of the user. The Metasploit module exploit/windows/fileformat/abbs_amp_lst provides a reliable exploit path. [1]
Impact
Successful exploitation results in arbitrary code execution in the context of the logged-on user. The attacker gains control over the affected system within that user's privileges, including the ability to install programs, view, change, or delete data, or create new accounts. The impact is limited to the user's privilege level; on Windows XP SP3 and Windows 7 SP1, this typically means user-level access. [1]
Mitigation
No official patch or fixed version has been released by ABBS Software. The only mitigation is to avoid opening .lst files from untrusted sources. Users should consider using alternative media players or applying strict file execution policies. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog as of the publication date. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: =3.1
- ABBS Software/Audio Media Player (v5) Range: 3.1
Patches
No patches discovered yet.
References
[1] www.rapid7.com/db/modules/exploit/windows/fileformat/abbs_amp_lst (mitre, x_refsource_MISC)