CVE-2011-0499
Verytools Videospirit Lite < 1.4.0.1 - Memory Corruption
Title source: ruleDescription
Buffer overflow in VideoSpirit Pro 1.6.8.1 and possibly earlier versions, and VideoSpirit Lite 1.4.0.1 and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project (.visprj) file containing a valitem element with a long "name" attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Exploits (3)
metasploit
WORKING POC
GOOD
by Acidgen · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/videospirit_visprj.rb
Scores
EPSS
0.5953
EPSS Percentile
98.2%
Classification
CWE
CWE-119
Status
draft
Affected Products (3)
verytools/videospirit_lite
< 1.4.0.1
verytools/videospirit_pro
< 1.6.8.1
verytools/videospirit_pro
Timeline
Published
Jan 20, 2011
Tracked Since
Feb 18, 2026