Vulnerabilities > CVE-2007-1559 - Remote Buffer Overflow vulnerability in Roxio Cineplayer 3.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple stack-based buffer overflows in SonicDVDDashVRNav.dll in Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via (1) unspecified long property values to SonicMediaPlayer.dll or (2) long arguments to unspecified methods in SonicMediaPlayer.dll.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Roxio CinePlayer 3.2 SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow Vulnerability. CVE- 2007-1559,CVE-2007-1559. Remote exploit for windows pla... id EDB-ID:29840 last seen 2016-02-03 modified 2007-04-11 published 2007-04-11 reporter Carsten Eiram source https://www.exploit-db.com/download/29840/ title Roxio CinePlayer 3.2 SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow Vulnerability description Roxio CinePlayer ActiveX Control Buffer Overflow. CVE-2007-1559. Remote exploit for windows platform id EDB-ID:16559 last seen 2016-02-02 modified 2010-04-30 published 2010-04-30 reporter metasploit source https://www.exploit-db.com/download/16559/ title Roxio CinePlayer ActiveX Control Buffer Overflow
Metasploit
description | This module exploits a stack-based buffer overflow in SonicPlayer ActiveX control (SonicMediaPlayer.dll) 3.0.0.1 installed by Roxio CinePlayer 3.2. By setting an overly long value to 'DiskType', an attacker can overrun a buffer and execute arbitrary code. |
id | MSF:EXPLOIT/WINDOWS/BROWSER/ROXIO_CINEPLAYER |
last seen | 2020-06-14 |
modified | 2017-07-24 |
published | 2009-05-24 |
references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1559 |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/browser/roxio_cineplayer.rb |
title | Roxio CinePlayer ActiveX Control Buffer Overflow |
Packetstorm
data source | https://packetstormsecurity.com/files/download/82975/roxio_cineplayer.rb.txt |
id | PACKETSTORM:82975 |
last seen | 2016-12-05 |
published | 2009-11-26 |
reporter | Trancer |
source | https://packetstormsecurity.com/files/82975/Roxio-CinePlayer-ActiveX-Control-Buffer-Overflow.html |
title | Roxio CinePlayer ActiveX Control Buffer Overflow |
References
- http://osvdb.org/34779
- http://secunia.com/advisories/22251
- http://secunia.com/secunia_research/2007-46/advisory/
- http://www.securityfocus.com/bid/23412
- http://www.securitytracker.com/id?1017906
- http://www.vupen.com/english/advisories/2007/1337
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33590