Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2007-4722

Published: 05/09/2007 Updated: 29/09/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 690
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Move Media Player

Vulnerability Summary

Multiple stack-based buffer overflows in the Quantum Streaming Internet Explorer Player ActiveX control in qsp2ie07051001.dll 1.0.0.1 in Move Media Player allow remote malicious users to execute arbitrary code via a long string to the (1) Play and (2) Buzzer methods.

Vulnerable Product Search on Vulmon Subscribe to Product

move networks inc move media player 1.0.1

Exploits

Exploit DB: move-overwrite.txt
Move Networks Quantum Streaming player SEH overwrite exploit that spawns calcexe ...
Exploit DB: Move Networks Quantum Streaming Player - Remote Overflow (SEH)
<!-- Move Networks Quantum Streaming Player SEH Overwrite Exploit Vulnerability discovered by Parvez Anwar, CVE-2007-4722 Exploit written by eb Shellcode is limited to around 400 bytes Tested on Windows XP SP2(fully patched) English, IE6 Thanks to hdm and the Metasploit crew --> <html> <head> <title>Move Networks Q ...
Exploit DB: Move Media Player 1.0 Quantum Streaming - ActiveX Control Multiple Buffer Overflow Vulnerabilities
source: wwwsecurityfocuscom/bid/25529/info Move Media Player is prone to multiple remote buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied data before copying it into insufficiently sized memory buffers Exploiting these issues allows remote attackers to execute arbitrary code in the con ...

References

CWE-119http://secunia.com/advisories/26600http://www.kb.cert.org/vuls/id/298345http://www.securityfocus.com/bid/25529http://osvdb.org/37778https://exchange.xforce.ibmcloud.com/vulnerabilities/36433https://www.exploit-db.com/exploits/4868https://nvd.nist.govhttps://packetstormsecurity.com/files/62429/move-overwrite.txt.htmlhttps://www.exploit-db.com/exploits/4868/https://www.kb.cert.org/vuls/id/298345
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook