CVE-2012-5451

TVMOBiLi <2.1.0.3974 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-5451. PoCs published by High-Tech Bridge SA.

AI-analyzed exploit summary This exploit demonstrates a remote DoS vulnerability in TVMOBiLi media server by sending maliciously crafted HTTP GET or HEAD requests with specific lengths (161, 257, or 255 characters) to trigger a stack-based buffer overflow, crashing the service.

Description

Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi before 2.1.0.3974 allow remote attackers to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.

Exploits (1)

exploitdb WORKING POC

by High-Tech Bridge SA · textdoswindows

https://www.exploit-db.com/exploits/23254

View Code ZIP pw:eip

This exploit demonstrates a remote DoS vulnerability in TVMOBiLi media server by sending maliciously crafted HTTP GET or HEAD requests with specific lengths (161, 257, or 255 characters) to trigger a stack-based buffer overflow, crashing the service.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: TVMOBiLi media server 2.1.0.3557 and prior

No auth needed

Prerequisites: Network access to the target server on port 30888

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Vendor Advisory x_refsource_misc

https://www.htbridge.com/advisory/HTB23120

Patch, Vendor Advisory x_refsource_confirm

http://www.tvmobili.com/changelog.php

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/56853

Scores

EPSS 0.0399

EPSS Percentile 89.1%

Details

CWE

CWE-119

Status published

Products (1)

tvmobili/tvmobili < 2.1.0.3880

Published Apr 24, 2015

Tracked Since Feb 18, 2026