CVE-2007-2576

East Wind Software advdaudio.ocx <1.5.1.1 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2576. PoCs published by shinnai.

AI-analyzed exploit summary This exploit targets a local buffer overflow in East Wind Software's advdaudio.ocx (v. 1.5.1.1) via the 'OpenDVD' method. It uses a crafted buffer with shellcode to achieve arbitrary code execution when triggered via VBScript in Internet Explorer.

Description

Buffer overflow in the East Wind Software advdaudio.ocx 1.5.1.1 ActiveX control allows user-assisted remote attackers to execute arbitrary code via a long OpenDVD property value. NOTE: this issue might be related to CVE-2007-0976.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmllocalwindows

https://www.exploit-db.com/exploits/3856

View Code ZIP pw:eip

This exploit targets a local buffer overflow in East Wind Software's advdaudio.ocx (v. 1.5.1.1) via the 'OpenDVD' method. It uses a crafted buffer with shellcode to achieve arbitrary code execution when triggered via VBScript in Internet Explorer.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: East Wind Software advdaudio.ocx v. 1.5.1.1

No auth needed

Prerequisites: Victim must open the malicious HTML file in Internet Explorer · advdaudio.ocx must be installed and registered

MITRE ATT&CK