Main Vulnerability Database Exploits ID:1655 - Exploit for Stack-based buffer overflow in Movie Player - CVE-2010-0356

ID:1655 - Exploit for Stack-based buffer overflow in Movie Player - CVE-2010-0356

Published: March 18, 2020

Vulnerability identifier: #VU11530

Vulnerability risk: High

CVE-ID: CVE-2010-0356

CWE-ID: CWE-121

Exploitation vector: Remote access

Vulnerable software:
Movie Player

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/windows/browser/viscom_movieplayer_drawtext

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control in MoviePlayer.ocx 6.8.0.0 in Viscom Software Movie Player Pro SDK ActiveX. A remote attacker can trigger memory corruption and execute arbitrary code on the target system via a long strFontName parameter to the DrawText method.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

ID:1655 - Exploit for Stack-based buffer overflow in Movie Player - CVE-2010-0356

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human