CVE-2007-2851

LeadTools Raster Variant Object Library <14.5.0.44 - Code Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-2851. PoCs published by shinnai.

AI-analyzed exploit summary This exploit leverages a vulnerability in LeadTools Raster Variant Object Library (LTRVR14e.dll v. 14.5.0.44) to overwrite arbitrary files, specifically targeting system.ini. It uses VBScript to trigger the WriteDataToFile method via an ActiveX object.

Description

A certain ActiveX control in LeadTools Raster Variant Object Library (LTRVR14e.dll) 14.5.0.44 allows remote attackers to overwrite arbitrary files via the WriteDataToFile method.

Exploits (1)

exploitdb WORKING POC VERIFIED
by shinnai · htmlremotewindows
https://www.exploit-db.com/exploits/3961

This exploit leverages a vulnerability in LeadTools Raster Variant Object Library (LTRVR14e.dll v. 14.5.0.44) to overwrite arbitrary files, specifically targeting system.ini. It uses VBScript to trigger the WriteDataToFile method via an ActiveX object.

Classification
Working Poc 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: LeadTools Raster Variant Object Library (LTRVR14e.dll v. 14.5.0.44)
No auth needed
Prerequisites: Victim must open the malicious HTML file in a vulnerable browser with ActiveX enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/34386
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/36033
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24075
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/3961

Scores

EPSS 0.0241
EPSS Percentile 81.9%

Details

Status published
Products (1)
lead_technologies/leadtools_raster_variant_object_library 14.5.0.44
Published May 24, 2007
Tracked Since Feb 18, 2026