CVE-2005-4648

Name: CVE-2005-4648
Creator: NVD / NIST
Published: 2005-12-31T05:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.93%

Last modified Jun 16, 2026

CVE-2005-4648 is a vulnerability of currently unknown severity. Buffer overflow in Illustrate dBpowerAMP Music Converter 11.5 and earlier, possibly including (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe, allows user-assisted attackers to cause a denial of service or execute arbitrary code via a .m3u playlist with a long entry, possibly involving large field names, as demonstrated by SecuBox.Labs.m3u. NOTE: this issue might be the same as the .m3u vulnerability in CVE-2004-1569, but if so, then CD:SF-LOC suggests creating a different identifier since the .m3u issue would affect different versions than the .pls issue.. EPSS estimates a 2.93% chance of exploitation in the next 30 days.

Description

Buffer overflow in Illustrate dBpowerAMP Music Converter 11.5 and earlier, possibly including (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe, allows user-assisted attackers to cause a denial of service or execute arbitrary code via a .m3u playlist with a long entry, possibly involving large field names, as demonstrated by SecuBox.Labs.m3u. NOTE: this issue might be the same as the .m3u vulnerability in CVE-2004-1569, but if so, then CD:SF-LOC suggests creating a different identifier since the .m3u issue would affect different versions than the .pls issue.

Metrics

EPSS Probability

2.93%

85.3th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Illustrate	Dbpoweramp Music Converter	<= 11.5

References

http://secubox.shadock.net/dBpowerAMP_Music_Converter_v11.5_Local_Buffer_Overflow_Issue.htmlExploit, Vendor Advisory
http://securitytracker.com/id?1015415Exploit, Vendor Advisory
http://secubox.shadock.net/dBpowerAMP_Music_Converter_v11.5_Local_Buffer_Overflow_Issue.htmlExploit, Vendor Advisory
http://securitytracker.com/id?1015415Exploit, Vendor Advisory

Timeline

Published: Dec 31, 2005
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2005-4648?

How severe is CVE-2005-4648?

Severity scoring for CVE-2005-4648 is pending analysis. The EPSS model estimates a 2.93% probability of exploitation in the next 30 days.

How do I fix CVE-2005-4648?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2005-4648?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST