CVE-2007-3400

NCTAudioEditor and NCTAudioStudio - Arbitrary File Write via NCTWMAFile2.dll CreateFile Method

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3400. PoCs published by shinnai.

AI-analyzed exploit summary This exploit targets an insecure method in NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll v. 2.6.2.157) that allows arbitrary file creation via the CreateFile method. It demonstrates overwriting the system.ini file, which could lead to system instability or denial of service.

Description

The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as distributed in NCTAudioEditor and NCTAudioStudio 2.7, allows remote attackers to overwrite arbitrary files via the CreateFile method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmlremotewindows

https://www.exploit-db.com/exploits/4101

View Code ZIP pw:eip

This exploit targets an insecure method in NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll v. 2.6.2.157) that allows arbitrary file creation via the CreateFile method. It demonstrates overwriting the system.ini file, which could lead to system instability or denial of service.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: NCTAudioEditor2 ActiveX DLL (NCTWMAFile2.dll v. 2.6.2.157)

No auth needed

Prerequisites: Victim must have the vulnerable ActiveX control installed and enabled in Internet Explorer

MITRE ATT&CK