CVE-2015-1171

GSM SIM Utility <6.6 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in GSM SIM Utility (aka SIM Card Editor) 6.6 allows remote attackers to execute arbitrary code via a long entry in a .sms file.

Exploits (2)

exploitdb WORKING POC

by Osanda Malith Jayathissa · textlocalwindows

https://www.exploit-db.com/exploits/35821

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Ruben Alejandro · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/gsm_sim.rb

View Code ZIP pw:eip

References (3)

[Exploit] http://packetstormsecurity.com/files/129992/simeditor-overflow.txt

[Exploit] https://osandamalith.wordpress.com/2015/01/16/sim-editor-stack-based-buffer-overflow/

[Exploit] https://www.youtube.com/watch?v=tljbFpYtDTk

Scores

EPSS 0.7687

EPSS Percentile 99.0%

Details

CWE

CWE-119

Status published

Products (1)

gsm/sim_card_editor 6.6

Published Aug 28, 2015

Tracked Since Feb 18, 2026