CVE-2007-0827

Alibaba Alipay ActiveX Control < 2.4.2.471 - Remote Code Execution via Remove Method

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-0827. PoCs published by cocoruder.

AI-analyzed exploit summary This exploit targets a vulnerability in Alipay ActiveX control (CLSID: {66F50F46-70A0-4A05-BD5E-FBCC0F9641EC}) via heap spraying to achieve remote code execution. The payload is a NOP sled followed by shellcode to execute arbitrary commands.

Description

The Alibaba Alipay PTA Module ActiveX control (PTA.DLL) allows remote attackers to execute arbitrary code via a JavaScript function that invokes the Remove method with an invalid index argument, which is used as an offset for a function call.

Exploits (1)

exploitdb WORKING POC VERIFIED

by cocoruder · htmlremotewindows

https://www.exploit-db.com/exploits/3279

View Code ZIP pw:eip

This exploit targets a vulnerability in Alipay ActiveX control (CLSID: {66F50F46-70A0-4A05-BD5E-FBCC0F9641EC}) via heap spraying to achieve remote code execution. The payload is a NOP sled followed by shellcode to execute arbitrary commands.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Alipay ActiveX Control (version unspecified)

No auth needed

Prerequisites: Victim must visit a malicious webpage · Alipay ActiveX control must be installed

MITRE ATT&CK