CVE-2008-0237

Microsoft Rich Textbox Control - Remote Code Execution via SaveFile Method

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0237. PoCs published by shinnai.

AI-analyzed exploit summary This exploit leverages an insecure method in the Microsoft Rich Textbox Control 6.0 (SP6) to save arbitrary files on a user's system via the 'SaveFile()' method. It demonstrates file creation/overwrite by saving a batch file to 'C:\shinnai.bat' when a button is clicked.

Description

The Microsoft Rich Textbox ActiveX Control (RICHTX32.OCX) 6.1.97.82 allows remote attackers to execute arbitrary commands by invoking the insecure SaveFile method.

Exploits (1)

exploitdb WORKING POC VERIFIED
by shinnai · htmlremotewindows
https://www.exploit-db.com/exploits/4874

This exploit leverages an insecure method in the Microsoft Rich Textbox Control 6.0 (SP6) to save arbitrary files on a user's system via the 'SaveFile()' method. It demonstrates file creation/overwrite by saving a batch file to 'C:\shinnai.bat' when a button is clicked.

Classification
Working Poc 95%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: Microsoft Rich Textbox Control 6.0 (SP6) (RICHTX32.OCX ver. 6.1.97.82)
No auth needed
Prerequisites: User interaction (clicking a button) · Internet Explorer with ActiveX enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39557
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/4874
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27201

Scores

EPSS 0.2047
EPSS Percentile 97.2%

Details

CWE
CWE-20
Status published
Products (1)
microsoft/rich_textbox_control 6.0
Published Jan 11, 2008
Tracked Since Feb 18, 2026