CVE-1999-1007

VDO Live Player - Remote Code Execution via Malformed .vdo File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-1007. PoCs published by UNYUN.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in VDOLive Player v3.02 by crafting a malicious .vdo file. It uses a JMP ESP instruction to redirect execution to shellcode that loads and executes arbitrary commands via msvcrt.dll.system.

Description

Buffer overflow in VDO Live Player allows remote attackers to execute commands on the VDO client via a malformed .vdo file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by UNYUN · clocalwindows

https://www.exploit-db.com/exploits/19678

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in VDOLive Player v3.02 by crafting a malicious .vdo file. It uses a JMP ESP instruction to redirect execution to shellcode that loads and executes arbitrary commands via msvcrt.dll.system.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: VDOLive Player v3.02

No auth needed

Prerequisites: Ability to deliver a malicious .vdo file to the target · Target must open the file with VDOLive Player v3.02

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/872

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=94512259331599&w=2

Scores

EPSS 0.0353

EPSS Percentile 87.7%

Details

Status published

Products (1)

vdonet/vdolive_player 3.0.2

Published Dec 13, 1999

Tracked Since Feb 18, 2026