CVE-2007-2644

Morovia Barcode ActiveX Pro 3.3.1304 - RCE

Title source: llm

Description

A certain ActiveX control in Morovia Barcode ActiveX Professional 3.3.1304 allows remote attackers to overwrite arbitrary files by calling the Save method with an arbitrary filename.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmlremotewindows

https://www.exploit-db.com/exploits/3899

View Code ZIP pw:eip

References (6)

[Various Sources] http://www.shinnai.altervista.org/viewtopic.php?id=42&t_id=13

[Various Sources] http://moaxb.blogspot.com/2007/05/morovia-barcode-activex-professional.html

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3899

[Third Party Advisory, VDB Entry] http://osvdb.org/37786

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/34248

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/23934

Scores

EPSS 0.0900

EPSS Percentile 92.6%

Details

Status published

Products (1)

morovia/barcode_activex_control 3.3.1304

Published May 13, 2007

Tracked Since Feb 18, 2026