CVE-2007-0016

MoviePlay 4.76 - Stack-Based Buffer Overflow via LST File Filename

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0016. PoCs published by n00b.

AI-analyzed exploit summary This Ruby script generates a malicious .lst file that exploits a local buffer overflow in MoviePlay 4.76 by overwriting EIP and executing shellcode. The exploit leverages a call to ESP in Shlwapi.dll to achieve arbitrary code execution.

Description

Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers to execute arbitrary code via a long filename in a LST file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by n00b · rubylocalwindows

https://www.exploit-db.com/exploits/4051

View Code ZIP pw:eip

This Ruby script generates a malicious .lst file that exploits a local buffer overflow in MoviePlay 4.76 by overwriting EIP and executing shellcode. The exploit leverages a call to ESP in Shlwapi.dll to achieve arbitrary code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: MoviePlay 4.76

No auth needed

Prerequisites: Local access to the target system · MoviePlay 4.76 installed

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/22959

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/32547

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/4051

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/21840

Scores

EPSS 0.0510

EPSS Percentile 91.3%

Details

CWE

CWE-119

Status published

Products (1)

netfarer/movieplay 4.76

Published Jan 03, 2007

Tracked Since Feb 18, 2026