CVE-2007-5911 – Viewpoint Media Player for IE 3.2 - Remote Stack Overflow (PoC)

https://notcve.org/view.php?id=CVE-2007-5911

Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.26 in Viewpoint Media Player 3.2 allow remote attackers to execute arbitrary code via a long string argument to the (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID, (5) ComponentFileName, (6) ExtraProperty, (7) Properties, (8) RequiredVersions, (9) Source, or (10) XMLText method. Múltiples desbordamientos de búfer basados en pila en el control de ActiveX AxMetaStream en el AxMetaStream.dll 3.3.2.26 del Viewpoint Media Player 3.2 permiten a atacantes remotos ejecutar código de su elección a través del paso de un argumento de cadena largo a los métodos (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID, (5) ComponentFileName, (6) ExtraProperty, (7) Properties, (8) RequiredVersions, (9) Source o (10) XMLText. • https://www.exploit-db.com/exploits/4610 http://osvdb.org/40268 http://shinnai.altervista.org/exploits/txt/TXT_dolp8rQrZmWLlINruy0o.html http://www.securityfocus.com/bid/26356 https://exchange.xforce.ibmcloud.com/vulnerabilities/38287 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •