CVE-2007-5911

Viewpoint Media Player - Memory Corruption

Title source: rule

Description

Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.26 in Viewpoint Media Player 3.2 allow remote attackers to execute arbitrary code via a long string argument to the (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID, (5) ComponentFileName, (6) ExtraProperty, (7) Properties, (8) RequiredVersions, (9) Source, or (10) XMLText method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmldoswindows

https://www.exploit-db.com/exploits/4610

View Code ZIP pw:eip

References (5)

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4610

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/26356

[Various Sources] http://shinnai.altervista.org/exploits/txt/TXT_dolp8rQrZmWLlINruy0o.html

[Third Party Advisory, VDB Entry] http://osvdb.org/40268

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/38287

Scores

EPSS 0.1991

EPSS Percentile 95.5%

Details

CWE

CWE-119

Status published

Products (1)

viewpoint/media_player 3.2

Published Nov 10, 2007

Tracked Since Feb 18, 2026