CVE-2007-3068
DVD X Player 4.1 Professional - Stack-Based Buffer Overflow via PLF Playlist Filename
Title source: llm
Exploitation Summary
EIP tracks 5 public exploits for CVE-2007-3068.
PoCs published by blake, Metasploit, n00b, including Metasploit module exploits/windows/fileformat/dvdx_plf_bof.
AI-analyzed exploit summary: This exploit targets a buffer overflow vulnerability in DVD X Player 5.5 Pro, leveraging SEH overwrite and ASLR bypass via a non-ASLR module. It includes a bind shell payload and an egghunter to locate the shellcode in memory.
Description
Stack-based buffer overflow in DVD X Player 4.1 Professional allows remote attackers to execute arbitrary code via a PLF playlist containing a long filename.
Exploits (5)
This exploit targets a buffer overflow vulnerability in DVD X Player 5.5 Pro, leveraging SEH overwrite and ASLR bypass via a non-ASLR module. It includes a bind shell payload and an egghunter to locate the shellcode in memory.
This Metasploit module exploits a stack-based buffer overflow in DVD X Player 5.5 via a maliciously crafted .plf playlist file, leading to arbitrary code execution. It uses ROP techniques to bypass DEP and execute payloads.
This Ruby script exploits a buffer overflow vulnerability in DVD X Player 4.1 Professional by crafting a malicious .PLF file. It overwrites the SEH handler and EIP to execute arbitrary shellcode, launching calc.exe as a proof of concept.
This exploit targets DVD X Player 5.5 Pro, leveraging a buffer overflow to bypass DEP and ASLR via ROP chains and executing shellcode for remote code execution. It uses VirtualProtect to mark memory as executable and a non-ASLR module (EPG.dll) for predictable addresses.
This Metasploit module exploits a stack-based buffer overflow in DVD X Player 5.5 via a maliciously crafted .plf playlist file. It leverages ROP techniques to bypass DEP and achieve arbitrary code execution.