CVE-2007-6605

SkyFexClient <1.0 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6605. PoCs published by shinnai.

AI-analyzed exploit summary: This exploit demonstrates a remote stack overflow in SkyFex Client 1.0 via the 'Start()' method. It uses a long string input to overflow the buffer, potentially allowing arbitrary code execution.

Description

Buffer overflow in a certain ActiveX control in SkyFexClient.ocx 1.0.2.77 in SkyFex Client 1.0 allows remote attackers to execute arbitrary code via long strings in the first four arguments to the Start method.

Exploits (1)

exploitdb WORKING POC VERIFIED
by shinnai · html · dos · windows
https://www.exploit-db.com/exploits/4801


Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: SkyFex Client 1.0.2.77
No auth needed
Prerequisites: Internet Explorer with SkyFex Client ActiveX control installed
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/39868
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27059
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39288
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4801

Scores

EPSS 0.0371
EPSS Percentile 88.3%

Details

CWE: CWE-119
Status: published
Products (1): skyfex/skyfex_client 1.0.2.77
Published: Dec 31, 2007
Tracked Since: Feb 18, 2026