CVE-2008-0237

Microsoft Rich Textbox Control - Improper Input Validation

Title source: rule

Description

The Microsoft Rich Textbox ActiveX Control (RICHTX32.OCX) 6.1.97.82 allows remote attackers to execute arbitrary commands by invoking the insecure SaveFile method.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmlremotewindows

https://www.exploit-db.com/exploits/4874

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/39557

[Exploit] http://shinnai.altervista.org/exploits/txt/TXT_DZVN8CwCha0I2fI3NeEs.html

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4874

[Exploit] http://www.securityfocus.com/bid/27201

Scores

EPSS 0.3321

EPSS Percentile 96.9%

Details

CWE

CWE-20

Status published

Products (1)

microsoft/rich_textbox_control 6.0

Published Jan 11, 2008

Tracked Since Feb 18, 2026