Stack-based Buffer Overflow in Magix Musik Maker 16 by Magix Software
CVE-2011-10021

8.4HIGH

Key Information:

Vendor

Magix Software Gmbh

Status
Magix Musik Maker
Vendor
CVE Published:
20 August 2025

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2011-10021?

Magix Musik Maker 16 is susceptible to a stack-based buffer overflow due to inadequate input validation of .mmm arrangement files. An unsafe strcpy() operation can lead to an overflow when a maliciously crafted .mmm file is opened, enabling attackers to overwrite critical memory areas, including the Structured Exception Handler (SEH). By exploiting this vulnerability, an attacker may execute arbitrary code, posing a significant security threat. This issue was addressed with the release of version 17.

Affected Version(s)

Magix Musik Maker * <= 16

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2011-10021 - Proof of Concept

CVE-2011-10021 - Proof of Concept

CVE-2011-10021 - Proof of Concept

References

https://raw.githubusercontent.com/rapid7/metasploit-frame...
exploit
https://www.exploit-db.com/exploits/17329
exploit
https://www.exploit-db.com/exploits/17313
exploit

EPSS Score

8% chance of being exploited in the next 30 days.

CVSS V4

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

acidgen
.