CVE-2009-0811

SopCast SopCore ActiveX <3.0.3.501 - RCE

Title source: llm

Description

Insecure method vulnerability in the SopCast SopCore ActiveX control in sopocx.ocx 3.0.3.501 allows remote attackers to execute arbitrary programs via an executable file name in the argument to the SetExternalPlayer method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nine:Situations:Group · htmlremotewindows

https://www.exploit-db.com/exploits/8143

View Code ZIP pw:eip

References (4)

[Various Sources] http://retrogod.altervista.org/9sg_sopcastia.html

[Exploit] http://www.securityfocus.com/bid/33920

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/48955

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/501252/100/0/threaded

Scores

EPSS 0.0330

EPSS Percentile 87.3%

Details

CWE

CWE-94

Status published

Products (1)

sopcast/sopcore_activex_control 3.0.3.501

Published Mar 04, 2009

Tracked Since Feb 18, 2026