ID CVE-2007-1559
Summary Multiple stack-based buffer overflows in SonicDVDDashVRNav.dll in Roxio CinePlayer 3.2 allow remote attackers to execute arbitrary code via (1) unspecified long property values to SonicMediaPlayer.dll or (2) long arguments to unspecified methods in SonicMediaPlayer.dll.
References
Vulnerable Configurations
  • Roxio CinePlayer 3.2
    cpe:2.3:a:roxio:cineplayer:3.2
CVSS
Base: 9.3 (as of 12-04-2007 - 12:15)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
  • description Roxio CinePlayer ActiveX Control Buffer Overflow. CVE-2007-1559. Remote exploit for windows platform
    id EDB-ID:16559
    last seen 2016-02-02
    modified 2010-04-30
    published 2010-04-30
    reporter metasploit
    source https://www.exploit-db.com/download/16559/
    title Roxio CinePlayer ActiveX Control Buffer Overflow
  • description Roxio CinePlayer 3.2 SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow Vulnerability. CVE- 2007-1559,CVE-2007-1559. Remote exploit for windows pla...
    id EDB-ID:29840
    last seen 2016-02-03
    modified 2007-04-11
    published 2007-04-11
    reporter Carsten Eiram
    source https://www.exploit-db.com/download/29840/
    title Roxio CinePlayer 3.2 SonicDVDDashVRNav.DLL ActiveX Control Remote Buffer Overflow Vulnerability
metasploit via4
description This module exploits a stack-based buffer overflow in SonicPlayer ActiveX control (SonicMediaPlayer.dll) 3.0.0.1 installed by Roxio CinePlayer 3.2. By setting an overly long value to 'DiskType', an attacker can overrun a buffer and execute arbitrary code.
id MSF:EXPLOIT/WINDOWS/BROWSER/ROXIO_CINEPLAYER
last seen 2018-08-29
modified 2017-07-24
published 2009-05-24
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/roxio_cineplayer.rb
title Roxio CinePlayer ActiveX Control Buffer Overflow
packetstorm via4
data source https://packetstormsecurity.com/files/download/82975/roxio_cineplayer.rb.txt
id PACKETSTORM:82975
last seen 2016-12-05
published 2009-11-26
reporter Trancer
source https://packetstormsecurity.com/files/82975/Roxio-CinePlayer-ActiveX-Control-Buffer-Overflow.html
title Roxio CinePlayer ActiveX Control Buffer Overflow
refmap via4
bid 23412
misc http://secunia.com/secunia_research/2007-46/advisory/
osvdb 34779
sectrack 1017906
secunia 22251
vupen ADV-2007-1337
xf cineplayer-sonicmediaplayer-bo(33590)
Last major update 07-03-2011 - 21:52
Published 11-04-2007 - 18:19
Last modified 28-07-2017 - 21:30
Back to Top