CVE-2007-1682

SoftArtisans XFile < 2.4.0 - Remote Code Execution via FileManager ActiveX Control

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-1682. PoCs published by Metasploit, MC, including Metasploit module exploits/windows/browser/softartisans_getdrivename.

AI-analyzed exploit summary This exploit targets a stack buffer overflow in the SoftArtisans XFile FileManager ActiveX control (SAFmgPwd.dll 2.0.5.3) via the GetDriveName() method. It delivers a payload through a malicious HTML page, leveraging JavaScript to trigger the vulnerability and execute arbitrary code.

Description

Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16592

This exploit targets a stack buffer overflow in the SoftArtisans XFile FileManager ActiveX control (SAFmgPwd.dll 2.0.5.3) via the GetDriveName() method. It delivers a payload through a malicious HTML page, leveraging JavaScript to trigger the vulnerability and execute arbitrary code.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: SoftArtisans XFile FileManager ActiveX Control (SAFmgPwd.dll 2.0.5.3)
No auth needed
Prerequisites: Victim must visit a malicious webpage · ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/softartisans_getdrivename.rb

This Metasploit module exploits a stack buffer overflow in the SoftArtisans XFile FileManager ActiveX control (SAFmgPwd.dll 2.0.5.3) via an overly long string passed to the GetDriveName() method, allowing arbitrary code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: SoftArtisans XFile FileManager ActiveX control (SAFmgPwd.dll 2.0.5.3)
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · ActiveX control must be installed and enabled in the browser
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4
Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/914785
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31615
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30826
Various Sources x_refsource_confirm
http://support.softartisans.com/Support-114.aspx

Scores

EPSS 0.2961
EPSS Percentile 98.0%

Details

CWE
CWE-119
Status published
Products (24)
softartisans/xfile 1.0
softartisans/xfile 1.0.6
softartisans/xfile 1.0.7
softartisans/xfile 1.0.8
softartisans/xfile 1.1
softartisans/xfile 1.01
softartisans/xfile 1.1.1
softartisans/xfile 1.1.2
softartisans/xfile 1.1.3
softartisans/xfile 1.1.4
... and 14 more
Published Aug 27, 2008
Tracked Since Feb 18, 2026