CVE-2007-6682

VLC < 0.8.6d - Remote Code Execution via Format String in HTTP Connection Parameter

Title source: manual

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6682. PoCs published by EpiBite.

AI-analyzed exploit summary This exploit leverages a format string vulnerability in VLC 0.8.6d's httpd_FileCallBack function via the Connection parameter. It uses EBP chaining to redirect execution to a reverse shell payload, targeting FreeBSD 8.

Description

Format string vulnerability in the httpd_FileCallBack function (network/httpd.c) in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by EpiBite · cremotewindows

https://www.exploit-db.com/exploits/5519

View Code ZIP pw:eip

This exploit leverages a format string vulnerability in VLC 0.8.6d's httpd_FileCallBack function via the Connection parameter. It uses EBP chaining to redirect execution to a reverse shell payload, targeting FreeBSD 8.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: VideoLAN VLC 0.8.6d

No auth needed

Prerequisites: Network access to VLC's HTTP interface · VLC 0.8.6d running on FreeBSD 8

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (13)

Core 13

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/42208

Various Sources x_refsource_confirm

http://trac.videolan.org/vlc/changeset/23839

Exploit mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/485488/30/0/threaded

Third Party Advisory x_refsource_misc

http://aluigi.altervista.org/adv/vlcboffs-adv.txt

Third Party Advisory vendor-advisory x_refsource_gentoo

http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/29284

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2008/dsa-1543

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/3550

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/28233

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14790

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/5519

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/27015

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/29766

Scores

EPSS 0.1514

EPSS Percentile 96.3%

Details

Status published

Products (1)

videolan/vlc < 0.8.6d

Published Jan 17, 2008

Tracked Since Feb 18, 2026