CVE-2007-3493

NCTAudioStudio <2.7 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3493. PoCs published by shinnai.

AI-analyzed exploit summary This exploit targets an insecure method in NCTAudioStudio2 ActiveX DLL (NCTWavChunksEditor2.dll v. 2.6.1.148) to overwrite the system.ini file via the CreateFile() method. It uses VBScript to trigger the vulnerability in Internet Explorer.

Description

A certain ActiveX control in NCTWavChunksEditor2.dll 2.6.1.148 in NCTAudioStudio (NCTAudioStudio2) 2.7, as used by Sienzo DMM and probably other products, allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the CreateFile method, a different product than CVE-2007-3400.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmlremotewindows

https://www.exploit-db.com/exploits/4109

View Code ZIP pw:eip

This exploit targets an insecure method in NCTAudioStudio2 ActiveX DLL (NCTWavChunksEditor2.dll v. 2.6.1.148) to overwrite the system.ini file via the CreateFile() method. It uses VBScript to trigger the vulnerability in Internet Explorer.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: NCTAudioStudio2 ActiveX DLL (NCTWavChunksEditor2.dll v. 2.6.1.148)

No auth needed

Prerequisites: Victim must visit a malicious webpage using Internet Explorer with the vulnerable ActiveX control installed

MITRE ATT&CK