CVE-2003-0470

Symantec Security Check - Buffer Overflow


Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0470. PoCs published by Cesar Cerrudo.

AI-analyzed exploit summary: This exploit targets a boundary condition error in the RuFSI Utility Class ActiveX control. By invoking the CompareVersionStrings method with long strings, it can trigger a buffer overflow, potentially leading to arbitrary code execution with the privileges of the user running the web browser.

Description

Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Cesar Cerrudo · text · dos · windows
https://www.exploit-db.com/exploits/22816

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Theoretical
Target: RuFSI Utility Class ActiveX control (clsid:69DEAF94-AF66-11D3-BEC0-00105AA9B6AE)
Authentication: No auth needed
Prerequisites: Victim must visit a malicious webpage · ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 16, 2026

References (7)

Core References
Mailing List mailing-list x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/006014.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1007029
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/8008
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105647537823877&w=2
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/9091
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/12423
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/527228

Scores

EPSS 0.0870
EPSS Percentile 94.4%

Details

Status published
Products (1)
symantec/security_check
Published Aug 07, 2003
Tracked Since Feb 18, 2026