CVE-2007-3536

AMX NetLinx VNC ActiveX Control - Buffer Overflow via Long Host, Password, or LogFile Property Values

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3536. PoCs published by rgod.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in AMX Corp. VNC ActiveX Control (AmxVnc.dll 1.0.13.0) via the Host, Password, or LogFile properties. It uses a VBScript payload to trigger the overflow and execute shellcode, adding a user 'su' with password 'tzu'.

Description

Multiple buffer overflows in the AMX NetLinx VNC (AmxVnc) ActiveX control in AmxVnc.dll 1.0.13.0 allow remote attackers to execute arbitrary code via long (1) Host, (2) Password, or (3) LogFile property values.

Exploits (1)

exploitdb WORKING POC VERIFIED

by rgod · htmlremotewindows

https://www.exploit-db.com/exploits/4123

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in AMX Corp. VNC ActiveX Control (AmxVnc.dll 1.0.13.0) via the Host, Password, or LogFile properties. It uses a VBScript payload to trigger the overflow and execute shellcode, adding a user 'su' with password 'tzu'.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: AMX Corp. VNC ActiveX Control (AmxVnc.dll 1.0.13.0)

No auth needed

Prerequisites: Victim must visit a malicious webpage using Internet Explorer with the vulnerable ActiveX control installed

MITRE ATT&CK