CVE-2007-2820

KSign KSignSWAT ActiveX Control 2.0.3.3 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2820. PoCs published by KIM Kee-hong.

AI-analyzed exploit summary This is a proof-of-concept exploit for CVE-2007-2820, targeting a buffer overflow vulnerability in KSignSWAT's SWAT_Login() function. It uses heap spraying to achieve arbitrary code execution, specifically launching calc.exe.

Description

Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX Control (AxKSignSWAT.dll) 2.0.3.3 allow remote attackers to execute arbitrary code via long arguments to the (1) SWAT_Init, (2) SWAT_InitEx, (3) SWAT_InitEx2, (4) SWAT_InitEx3, and (5) SWAT_Login functions.

Exploits (1)

exploitdb WORKING POC VERIFIED

by KIM Kee-hong · htmlremotewindows

https://www.exploit-db.com/exploits/3968

View Code ZIP pw:eip

This is a proof-of-concept exploit for CVE-2007-2820, targeting a buffer overflow vulnerability in KSignSWAT's SWAT_Login() function. It uses heap spraying to achieve arbitrary code execution, specifically launching calc.exe.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: KSignSWAT (specific version not specified)

No auth needed

Prerequisites: Victim must visit a malicious webpage using Internet Explorer · KSignSWAT ActiveX control must be installed

MITRE ATT&CK