CVE-2007-2568
VCDGear 3.55 - Stack-Based Buffer Overflow via CUE File Tag or Track Type
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2007-2568. PoCs published by Provensec.
AI-analyzed exploit summary This Ruby script exploits a stack-based buffer overflow in VCDGEAR 3.50 by crafting a malicious .cue file with a long 'FILE' field, overwriting the SEH record to achieve arbitrary code execution via embedded shellcode.
Description
Multiple stack-based buffer overflows in VCDGear 3.55 allow user-assisted remote attackers to execute arbitrary code via a long (1) tag or (2) track type in a CUE file.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Provensec · rubylocalwindows
https://www.exploit-db.com/exploits/31991
This Ruby script exploits a stack-based buffer overflow in VCDGEAR 3.50 by crafting a malicious .cue file with a long 'FILE' field, overwriting the SEH record to achieve arbitrary code execution via embedded shellcode.
Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target:
VCDGEAR 3.50
No auth needed
Prerequisites:
Victim must open the malicious .cue file in VCDGEAR 3.50
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/24003
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1835
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34317
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2007-51/advisory/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/36178
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25117
Scores
EPSS
0.0627
EPSS Percentile
92.7%
Details
Status
published
Products (1)
vcdgear/vcdgear
3.55
Published
May 16, 2007
Tracked Since
Feb 18, 2026