CVE-2007-2761

MagicISO <5.4.239 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-2761. PoCs published by vade79, n00b.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow in MagicISO v5.4 (build 0239) by crafting a malicious .cue file. It leverages control over EAX and EDX registers to overwrite memory and execute arbitrary shellcode, though reliability is noted as inconsistent due to memory layout dependencies.

Description

Stack-based buffer overflow in MagicISO 5.4 build 239 and earlier allows remote attackers to execute arbitrary code via a long filename in a .cue file.

Exploits (2)

exploitdb WORKING POC VERIFIED
by vade79 · clocalwindows
https://www.exploit-db.com/exploits/3975

This exploit demonstrates a buffer overflow in MagicISO v5.4 (build 0239) by crafting a malicious .cue file. It leverages control over EAX and EDX registers to overwrite memory and execute arbitrary shellcode, though reliability is noted as inconsistent due to memory layout dependencies.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Complex
Reliability
Racy
Target: MagicISO v5.4 (build 0239)
No auth needed
Prerequisites: Ability to deliver a malicious .cue file to the target system · Target system running MagicISO v5.4 (build 0239)
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by n00b · rubydoslinux
https://www.exploit-db.com/exploits/3945

This Ruby script exploits a stack-based buffer overflow in MagicISO by crafting a malicious .cue file with an overly long filename. It demonstrates control over registers (EAX, ECX, EDX) but is currently a DoS PoC, though it notes potential for command execution.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: MagicISO (version unspecified, tested on Win XP SP2)
No auth needed
Prerequisites: Ability to deliver a malicious .cue file to the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/469302/100/0/threaded
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/3945
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34346
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36077
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25325
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1865
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24029

Scores

EPSS 0.0612
EPSS Percentile 92.5%

Details

Status published
Products (1)
magiciso/magiciso < 5.4_build_239
Published May 18, 2007
Tracked Since Feb 18, 2026