CVE-2007-1402

Rediff Toolbar 2.0 - Denial of Service via ActiveX Control Manipulation


Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1402. PoCs published by Umesh Wanve.

AI-analyzed exploit summary: This exploit targets a Denial of Service (DoS) vulnerability in the Rediff Toolbar ActiveX Control by instantiating the vulnerable object via its CLSID. The PoC triggers the vulnerability by embedding the ActiveX control in an HTML page, leading to a crash or hang of the affected application.

Description

The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments.

Exploits (1)

exploitdb · Working PoC · Verified
by Umesh Wanve · html · dos · windows
https://www.exploit-db.com/exploits/3433


Classification: Working PoC 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Rediff Toolbar 2.0
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · Rediff Toolbar 2.0 must be installed on the victim's system
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36899
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21924

Scores

EPSS 0.0227
EPSS Percentile 80.8%

Details

Status published
Products (1)
rediff/toolbar 2.0
Published Mar 10, 2007
Tracked Since Feb 18, 2026