CVE-2010-5195

Roxio MyDVD 9 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-5195. PoCs published by storm, CristinaPravata.

AI-analyzed exploit summary This exploit leverages DLL hijacking in Roxio MyDVD 9 by providing a malicious HomeUtils9.dll. When loaded, it executes arbitrary code (calc.exe) via exported functions.

Description

Untrusted search path vulnerability in Roxio MyDVD 9 allows local users to gain privileges via a Trojan horse HomeUtils9.dll file in the current working directory, as demonstrated by a directory that contains a .dmsd or .dmsm file. NOTE: some of these details are obtained from third party information.

Exploits (2)

exploitdb WORKING POC

by storm · clocalwindows

https://www.exploit-db.com/exploits/14781

View Code ZIP pw:eip

This exploit leverages DLL hijacking in Roxio MyDVD 9 by providing a malicious HomeUtils9.dll. When loaded, it executes arbitrary code (calc.exe) via exported functions.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Roxio MyDVD 9

No auth needed

Prerequisites: Victim must open a .dmsd or .dmsm file in a directory where the malicious DLL is placed

MITRE ATT&CK

T1574.001 - DLL

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WRITEUP

by CristinaPravata · poc

https://github.com/CristinaPravata/dirtycaw-projet

View Code ZIP pw:eip

This repository provides a detailed walkthrough of exploiting the Dirty COW vulnerability (CVE-2016-5195) to achieve local privilege escalation on a vulnerable Ubuntu 16.04.1 system. It includes steps for environment setup, exploit compilation, and execution, but does not contain the actual exploit code.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Racy

Target: Linux Kernel 4.4.0-31-generic

Auth required

Prerequisites: Vulnerable Linux kernel (4.4.0-31-generic) · Local user access · Compilation environment (g++)

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/14781/

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/41152

Scores

EPSS 0.0089

EPSS Percentile 54.6%

Details

Status published

Products (1)

roxio/mydvd 9

Published Sep 06, 2012

Tracked Since Feb 18, 2026