CVE-2007-6699

AIM PicEditor 9.5.1.8 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6699. PoCs published by Elazar Broad.

AI-analyzed exploit summary: This exploit targets multiple buffer overflow vulnerabilities in the AOL Picture Editor ActiveX control (YGPPicEdit.dll) by passing an overly long string to various properties, leading to a denial of service (DoS). The PoC demonstrates the crash via a malicious HTML page but does not achieve arbitrary code execution.

Description

Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control in YGPPicEdit.dll in AOL You've Got Pictures (YGP) Picture Editor allow remote attackers to cause a denial of service (browser crash) via a long string in the (1) DisplayName, (2) FinalSavePath, (3) ForceSaveTo, (4) HiddenControls, (5) InitialEditorScreen, (6) Locale, (7) Proxy, and (8) UserAgent property values.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Elazar Broad · html · dos · windows
https://www.exploit-db.com/exploits/30936

Classification: Working PoC 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: AOL Picture Editor YGPPicEdit.dll 9.5.1.8
No auth needed
Prerequisites: Victim must visit a malicious HTML page using Internet Explorer with the vulnerable ActiveX control installed
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1019143
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2007/Dec/0561.html
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2007/Dec/0574.html
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27026
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/41198

Scores

EPSS 0.0450
EPSS Percentile 90.3%

Details

CWE: CWE-119
Status published
Products (1)
aol/ygp_piceditor_activex_control 9.5.1.8
Published Feb 04, 2008
Tracked Since Feb 18, 2026