CVE-2010-0356
Viscomsoft Movie Player Pro SDK Activex - Memory Corruption
Title source: ruleDescription
Stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control in MoviePlayer.ocx 6.8.0.0 in Viscom Software Movie Player Pro SDK ActiveX 6.8 allows remote attackers to execute arbitrary code via a long strFontName parameter to the DrawText method.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/18134
exploitdb
WORKING POC
VERIFIED
by shinnai · textremotewindows
https://www.exploit-db.com/exploits/12320
metasploit
WORKING POC
NORMAL
by shinnai · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/viscom_movieplayer_drawtext.rb
References (4)
Scores
EPSS
0.6518
EPSS Percentile
98.5%
Details
CWE
CWE-119
Status
published
Products (1)
viscomsoft/movie_player_pro_sdk_activex
6.8
Published
Jan 18, 2010
Tracked Since
Feb 18, 2026