CVE-2002-0207

RealOne Player < 8.0 - Buffer Overflow via Header Length Mismatch

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0207. PoCs published by UNYUN.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in RealJukebox 1.0.2.379 by crafting a malicious 'skin.ini' file. It leverages a JMP ESP instruction in kernel32.dll to execute arbitrary shellcode, potentially leading to remote code execution.

Description

Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value that exceeds the actual length of the header.

Exploits (1)

exploitdb WORKING POC VERIFIED

by UNYUN · cremotewindows

https://www.exploit-db.com/exploits/21207

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in RealJukebox 1.0.2.379 by crafting a malicious 'skin.ini' file. It leverages a JMP ESP instruction in kernel32.dll to execute arbitrary shellcode, potentially leading to remote code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: RealJukebox 1.0.2.379

No auth needed

Prerequisites: Victim must open the malicious 'skin.ini' file in RealJukebox

MITRE ATT&CK