CVE-2007-5587

EXPLOITED IN THE WILD

Macrovision SafeDisc < 4.3.86.0 - Local Privilege Escalation via METHOD_NEITHER IOCTL Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2007-5587 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 1 public exploit from researchers including Elia Florio.

AI-analyzed exploit summary The provided text describes a local privilege escalation vulnerability in Macrovision SafeDisc due to insufficient input sanitization, allowing arbitrary code execution with SYSTEM privileges on Windows XP and 2003. The reference links to an external exploit archive but does not include functional exploit code.

Description

Buffer overflow in Macrovision SafeDisc secdrv.sys before 4.3.86.0, as shipped in Microsoft Windows XP SP2, XP Professional x64 and x64 SP2, Server 2003 SP1 and SP2, and Server 2003 x64 and x64 SP2 allows local users to overwrite arbitrary memory locations and gain privileges via a crafted argument to a METHOD_NEITHER IOCTL, as originally discovered in the wild.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Elia Florio · textlocalwindows
https://www.exploit-db.com/exploits/30680

The provided text describes a local privilege escalation vulnerability in Macrovision SafeDisc due to insufficient input sanitization, allowing arbitrary code execution with SYSTEM privileges on Windows XP and 2003. The reference links to an external exploit archive but does not include functional exploit code.

Classification
Writeup 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Theoretical
Target: Macrovision SafeDisc (Windows XP/2003)
No auth needed
Prerequisites: Local access to the affected system
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (17)

Core 17
Core References
Exploit x_refsource_misc
http://blog.48bits.com/?p=172
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27285
Vendor Advisory vendor-advisory x_refsource_mskb
http://www.microsoft.com/technet/security/advisory/944653.mspx
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4584
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3537
Third Party Advisory, VDB Entry vendor-advisory x_refsource_hp
http://www.securityfocus.com/archive/1/485268/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/41429
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-345A.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/482482/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/37284
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/482474/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3266
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018833
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26121

Scores

EPSS 0.0017
EPSS Percentile 37.6%

Details

VulnCheck KEV 2007-12-11
InTheWild.io 2018-10-15
CWE
CWE-119 CWE-264
Status published
Products (1)
macrovision/safedisc
Published Oct 19, 2007
Tracked Since Feb 18, 2026