Multiple stack-based buffer overflows in SonicDVDDashVRNav.dll in Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via (1) unspecified long property values to SonicMediaPlayer.dll or (2) long arguments to unspecified methods in SonicMediaPlayer.dll.
Published 2007-04-11 22:19:00
Updated 2017-07-29 01:30:50
View at NVD,   CVE.org
Vulnerability category: Execute code

Products affected by CVE-2007-1559

Exploit prediction scoring system (EPSS) score for CVE-2007-1559

94.79%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2007-1559

  • Roxio CinePlayer ActiveX Control Buffer Overflow
    Disclosure Date: 2007-04-11
    First seen: 2020-04-26
    exploit/windows/browser/roxio_cineplayer
    This module exploits a stack-based buffer overflow in SonicPlayer ActiveX control (SonicMediaPlayer.dll) 3.0.0.1 installed by Roxio CinePlayer 3.2. By setting an overly long value to 'DiskType', an attacker can overrun a buffer and execute arbitrary code. Au

CVSS scores for CVE-2007-1559

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
9.3
HIGH AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
NIST

References for CVE-2007-1559

Jump to
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!