CVE-2007-2814

Pegasus ImagN' ActiveX control 4.00.041 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2814. PoCs published by rgod.

AI-analyzed exploit summary: This exploit targets a buffer overflow vulnerability in the Pegasus ImagN' ActiveX Control (IMW32O40.OCX V4.00.041) via the Filename property. It overwrites EIP and SEH pointers to execute shellcode, achieving remote code execution on Windows XP SP2.

Description

Multiple stack-based buffer overflows in the Pegasus ImagN' ActiveX control (IMW32O40.OCX) 4.00.041 allow remote attackers to execute arbitrary code via (1) a long FileName parameter, or unspecified vectors involving the (2) BeginReport, (3) CreatePictureExA, (4) DefineImage, (5) DefineImageEx, (6) DefineImageFox, (7) CopyBufToClipExA, (8) LoadEx, (9) LoadFox, and other functions.

Exploits (1)

exploitdb WORKING POC VERIFIED
by rgod · phpremotewindows
https://www.exploit-db.com/exploits/3966

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Pegasus ImagN' ActiveX Control (IMW32O40.OCX V4.00.041)
No auth needed
Prerequisites: Victim must use Internet Explorer 6 with the vulnerable ActiveX control installed
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25351
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34419
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24086
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36518
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1899

Scores

EPSS 0.0548
EPSS Percentile 91.7%

Details

Status published
Products (1)
pegasus/imagn_activex_control 4.00.041
Published May 22, 2007
Tracked Since Feb 18, 2026