CVE-2025-34128

HIGH

X360 VideoPlayer <2.6 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2025-34128. PoCs were published by Metasploit, Rh0, and juan vazquez, including the Metasploit module exploits/windows/browser/x360_video_player_set_text_bof.

AI-analyzed exploit summary: This Metasploit module exploits a buffer overflow in the X360 VideoPlayer ActiveX control via the 'ConvertFile()' method to bypass ASLR/DEP and execute arbitrary code. It uses a combination of heap spraying and ROP techniques to achieve remote code execution on Windows systems.

Description

A buffer overflow vulnerability exists in the X360 VideoPlayer ActiveX control (VideoPlayer.ocx) version 2.6 when handling overly long arguments to the ConvertFile() method. An attacker can exploit this vulnerability by supplying crafted input to cause memory corruption and execute arbitrary code within the context of the current process.

Exploits (3)

exploitdb · WORKING POC · VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/36100

This Metasploit module exploits a buffer overflow in the X360 VideoPlayer ActiveX control via the 'ConvertFile()' method to bypass ASLR/DEP and execute arbitrary code. It uses a combination of heap spraying and ROP techniques to achieve remote code execution on Windows systems.

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: X360 VideoPlayer ActiveX Control (VideoPlayer.ocx)
No auth needed
Prerequisites: Victim must be using Internet Explorer 10.0 on Windows · ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 16, 2026

exploitdb · WORKING POC
by Rh0 · html · remote · windows
https://www.exploit-db.com/exploits/35948

This exploit leverages a buffer overflow in the X360 VideoPlayer ActiveX Control to achieve arbitrary memory read/write, bypassing ASLR and DEP. It uses heap spraying and controlled memcpy to corrupt typed array structures, leading to remote code execution via shellcode.

Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: X360 VideoPlayer ActiveX Control 2.6 (VideoPlayer.ocx)
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer with the vulnerable ActiveX control installed
devstral-2 · analyzed Feb 16, 2026

metasploit · WORKING POC · NORMAL
by Rh0, juan vazquez · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/x360_video_player_set_text_bof.rb

This Metasploit module exploits a buffer overflow in the X360 VideoPlayer ActiveX control via the 'SetText' method, bypassing ASLR/DEP to achieve remote code execution. It uses a combination of heap spraying, ROP chains, and stack manipulation to execute arbitrary payloads.

Classification: Working PoC (100%)
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: X360 VideoPlayer ActiveX Control (VideoPlayer.ocx)
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer 10.0 · X360 VideoPlayer ActiveX control must be installed
devstral-2 · analyzed Feb 19, 2026

Scores

CVSS v4: 8.6
EPSS: 0.7039
EPSS Percentile: 98.7%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-120, CWE-94
Status: published
Products (1): X360Soft/X360 VideoPlayer ActiveX Control 2.6
Published: Jul 16, 2025
Tracked Since: Feb 18, 2026