CVE-2007-4983

JetAudio 7.0.3 Basic and 7.0.3.3016 - Path Traversal and Arbitrary File Write via DownloadFromMusicStore Method

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4983. PoCs published by h07.

AI-analyzed exploit summary This exploit leverages a vulnerability in jetAudio 7.x ActiveX control to achieve remote code execution by abusing the DownloadFromMusicStore() method to write an arbitrary file to a privileged location.

Description

Directory traversal vulnerability in the JetAudio.Interface.1 ActiveX control in JetFlExt.dll in jetAudio 7.0.3 Basic and 7.0.3.3016 allows remote attackers to create or overwrite arbitrary local files via a ..\ (dot dot backslash) in the second argument to the DownloadFromMusicStore method. NOTE: some of these details are obtained from third party information. NOTE: this can be leveraged for code execution by overwriting JetAudio.exe, which is launched by the control after completion of the method call.

Exploits (1)

exploitdb WORKING POC VERIFIED

by h07 · htmlremotewindows

https://www.exploit-db.com/exploits/4427

View Code ZIP pw:eip

This exploit leverages a vulnerability in jetAudio 7.x ActiveX control to achieve remote code execution by abusing the DownloadFromMusicStore() method to write an arbitrary file to a privileged location.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: jetAudio 7.x (tested on 7.0.3 Basic)

No auth needed

Prerequisites: Victim must use Internet Explorer with ActiveX enabled · Attacker must host a malicious file (evil.mp3) on a controlled server

MITRE ATT&CK