Public exploit · Metasploit Module

Viscom Software Movie Player Pro SDK ActiveX 6.8

Published Rocco Calvi

Exploit summary

A stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control within MoviePlayer.ocx version 6.8.0.0. The vulnerability allows remote attackers to execute arbitrary code via a long strFontName parameter to the DrawText method. The exploit bypasses DEP and ASLR protections.

Source & references