CVE-2008-1044

Move Networks Move Media Player - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in the Quantum Streaming Player (Quantum Streaming IE Player) ActiveX control (aka QSP2IE.QSP2IE) in qsp2ie07076007.dll 7.7.6.7 and qsp2ie07074039.dll 7.7.4.39 in Move Media Player allows remote attackers to execute arbitrary code via a long argument to the UploadLogs method, a different vector than CVE-2007-4722. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Elazar · htmlremotewindows

https://www.exploit-db.com/exploits/5190

View Code ZIP pw:eip

References (5)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/27995

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060460.html

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/0684

[Vendor Advisory] http://secunia.com/advisories/29108

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/5190

Scores

EPSS 0.2510

EPSS Percentile 96.2%

Details

CWE

CWE-119

Status published

Products (3)

move_networks_inc/move_media_player

move_networks_inc/qunatum_streaming_player 7.7.4_39

move_networks_inc/qunatum_streaming_player 7.7.6.7

Published Feb 27, 2008

Tracked Since Feb 18, 2026