CVE-2007-3955

LinkedIn Toolbar 3.0.2.1098 - Buffer Overflow via IEContextMenu search Method

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3955. PoCs published by Jared DeMott.

AI-analyzed exploit summary: This exploit targets a heap overflow vulnerability in the VDA Labs ActiveX control (clsid:0F2437D6-C4E4-42CA-A906-F506E09354B7) by triggering a buffer overflow via the 'search' method. It uses a combination of NOP sleds and shellcode to achieve remote code execution.

Description

Buffer overflow in the IEToolbar.IEContextMenu.1 ActiveX control in LinkedInIEToolbar.dll in the LinkedIn Toolbar 3.0.2.1098 allows remote attackers to execute arbitrary code via a long second argument (varBrowser argument) to the search method. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Jared DeMott · html · remote · windows
https://www.exploit-db.com/exploits/4217

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: VDA Labs ActiveX control
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · VDA Labs ActiveX control must be installed and enabled
devstral-2 · analyzed Feb 16, 2026

References (7)

Core References
Various Sources x_refsource_misc
http://www.vdalabs.com/tools/linkedin.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/37696
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/35578
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/26181
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25032
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4217
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/2620

Scores

EPSS 0.0824
EPSS Percentile 94.2%

Details

Status: published
Products (1): linkedin/toolbar 3.0.2.1098
Published: Jul 24, 2007
Tracked Since: Feb 18, 2026