CVE-2007-3435

RKD Software BarCodeAx.dll 4.9 - Stack-Based Buffer Overflow via BeginPrint Method


Exploitation Summary

EIP tracks 3 public exploits for CVE-2007-3435. PoCs have been published by Metasploit and callAX, including the Metasploit module exploits/windows/browser/barcode_ax49.

AI-analyzed exploit summary: This Metasploit module exploits a stack buffer overflow in RKD Software BarCodeAx.dll v4.9 via an overly long string to the BeginPrint method, leading to arbitrary code execution.

Description

Stack-based buffer overflow in the BeginPrint method in a certain ActiveX control in RKD Software (barcodetools.com) BarCodeAx.dll 4.9 allows remote attackers to execute arbitrary code via a long argument.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/16565

This Metasploit module exploits a stack buffer overflow in RKD Software BarCodeAx.dll v4.9 via an overly long string to the BeginPrint method, leading to arbitrary code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: RKD Software BarCodeAx.dll v4.9
No auth needed
Prerequisites: Target must have the vulnerable ActiveX control installed and accessible via a browser
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by callAX · html · remote · windows
https://www.exploit-db.com/exploits/4094

This exploit demonstrates a stack-based buffer overflow in BarCodeAx.dll v. 4.9 via the BeginPrint method, allowing remote code execution. The PoC includes a crafted HTML file with VBScript to trigger the overflow and execute shellcode.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: BarCodeAx.dll v. 4.9
No auth needed
Prerequisites: Victim must visit a malicious webpage or open a crafted HTML file · BarCodeAx.dll v. 4.9 must be installed and registered
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC NORMAL
ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/barcode_ax49.rb

This Metasploit module exploits a stack buffer overflow in RKD Software BarCodeAx.dll v4.9 via an overly long string to the BeginPrint method, allowing arbitrary code execution. It uses a JMP ESP instruction from ws2_32.dll for reliable exploitation.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: RKD Software BarCodeAx.dll v4.9
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit
devstral-2 · analyzed Feb 19, 2026

References (8)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35011
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24596
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2305
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4094
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/37482
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25788
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/472189/100/0/threaded

Scores

EPSS 0.3541
EPSS Percentile 98.2%

Details

Status published
Products (1)
rkd_software/barcode_activex 4.9
Published Jun 27, 2007
Tracked Since Feb 18, 2026