CVE-2009-0811

SopCast SopCore ActiveX <3.0.3.501 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-0811. PoCs published by Nine:Situations:Group.

AI-analyzed exploit summary This exploit leverages the Sopcast SopCore ActiveX control (sopocx.ocx 3.0.3.501) to execute arbitrary code via the SetExternalPlayer() method. The PoC demonstrates how an attacker can associate a malicious executable with the 'external player' button, which executes without user prompts when clicked.

Description

Insecure method vulnerability in the SopCast SopCore ActiveX control in sopocx.ocx 3.0.3.501 allows remote attackers to execute arbitrary programs via an executable file name in the argument to the SetExternalPlayer method.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Nine:Situations:Group · htmlremotewindows
https://www.exploit-db.com/exploits/8143

This exploit leverages the Sopcast SopCore ActiveX control (sopocx.ocx 3.0.3.501) to execute arbitrary code via the SetExternalPlayer() method. The PoC demonstrates how an attacker can associate a malicious executable with the 'external player' button, which executes without user prompts when clicked.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Sopcast SopCore Control (sopocx.ocx 3.0.3.501)
No auth needed
Prerequisites: Victim must visit a malicious webpage · Sopcast SopCore ActiveX control must be installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/48955
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/33920
Various Sources x_refsource_misc
http://retrogod.altervista.org/9sg_sopcastia.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/501252/100/0/threaded

Scores

EPSS 0.0554
EPSS Percentile 91.8%

Details

CWE
CWE-94
Status published
Products (1)
sopcast/sopcore_activex_control 3.0.3.501
Published Mar 04, 2009
Tracked Since Feb 18, 2026