CVE-2008-7079

Nero ShowTime 5.0.15.0 - Buffer Overflow via Long Entry in .M3U Playlist File

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-7079. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit generates a maliciously crafted .m3u playlist file with an oversized buffer (432,809 bytes) to trigger a buffer overflow in Nero ShowTime v5.0.15.0. The PoC demonstrates the vulnerability but does not include a payload for arbitrary code execution.

Description

Buffer overflow in Nero ShowTime 5.0.15.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a .M3U playlist file. NOTE: this issue might be related to CVE-2008-0619.

Exploits (1)

exploitdb WORKING POC VERIFIED

by LiquidWorm · perldoswindows

https://www.exploit-db.com/exploits/7207

View Code ZIP pw:eip

This exploit generates a maliciously crafted .m3u playlist file with an oversized buffer (432,809 bytes) to trigger a buffer overflow in Nero ShowTime v5.0.15.0. The PoC demonstrates the vulnerability but does not include a payload for arbitrary code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Nero ShowTime v5.0.15.0

No auth needed

Prerequisites: Victim must open the malicious .m3u file in Nero ShowTime

MITRE ATT&CK