CVE-2007-6533

Zoom Player 6.00 beta 2 - Buffer Overflow via Crafted ZPL File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6533. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Zoom Player Pro v3.30 via a maliciously crafted .m3u file. It leverages SEH overwrites and Unicode-friendly shellcode to achieve remote code execution.

Description

Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to execute arbitrary code via an HTTP link to a PLS file in a crafted ZPL file, which causes an overflow in Unicode handling when generating an error message.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · phpremotemultiple

https://www.exploit-db.com/exploits/30933

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Zoom Player Pro v3.30 via a maliciously crafted .m3u file. It leverages SEH overwrites and Unicode-friendly shellcode to achieve remote code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Zoom Player Pro v3.30

No auth needed

Prerequisites: Victim must open the malicious .m3u file in Zoom Player Pro v3.30

MITRE ATT&CK