Vulnerability Details : CVE-2007-1559
Public exploit exists!
Multiple stack-based buffer overflows in SonicDVDDashVRNav.dll in Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via (1) unspecified long property values to SonicMediaPlayer.dll or (2) long arguments to unspecified methods in SonicMediaPlayer.dll.
Vulnerability category: Execute code
Products affected by CVE-2007-1559
- cpe:2.3:a:roxio:cineplayer:3.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-1559
94.79%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2007-1559
-
Roxio CinePlayer ActiveX Control Buffer Overflow
Disclosure Date: 2007-04-11First seen: 2020-04-26exploit/windows/browser/roxio_cineplayerThis module exploits a stack-based buffer overflow in SonicPlayer ActiveX control (SonicMediaPlayer.dll) 3.0.0.1 installed by Roxio CinePlayer 3.2. By setting an overly long value to 'DiskType', an attacker can overrun a buffer and execute arbitrary code. Au
CVSS scores for CVE-2007-1559
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2007-1559
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/33590
-
http://www.securityfocus.com/bid/23412
Roxio CinePlayer SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow Vulnerability
-
http://www.securitytracker.com/id?1017906
-
http://www.vupen.com/english/advisories/2007/1337
Jump to