CVE-2007-4890

Microsoft Visual Studio 6.0 - Arbitrary File Write via VBTOVSI.DLL SaveAs Method

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4890. PoCs published by shinnai.

AI-analyzed exploit summary This exploit leverages the VBTOVSI.DLL library in Microsoft Visual Studio 6.0 to overwrite arbitrary files on the local system by using the Load() and SaveAs() methods. It demonstrates an arbitrary file overwrite vulnerability that can be triggered via a malicious HTML page.

Description

Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can be copied from local files via the Load method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmlremotewindows

https://www.exploit-db.com/exploits/4394

View Code ZIP pw:eip

This exploit leverages the VBTOVSI.DLL library in Microsoft Visual Studio 6.0 to overwrite arbitrary files on the local system by using the Load() and SaveAs() methods. It demonstrates an arbitrary file overwrite vulnerability that can be triggered via a malicious HTML page.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Visual Studio 6.0 VB To VSI Support Library (VBTOVSI.DLL v. 1.0.0.0)

No auth needed

Prerequisites: Victim must open the malicious HTML file in Internet Explorer · Target file must exist locally

MITRE ATT&CK