CVE-2008-0443

Lycos FileUploader.dll 2.0.0.2 - Heap-Based Buffer Overflow via HandwriterFilename Property

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0443. PoCs published by Elazar.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in the Lycos FileUploader ActiveX control (CVE-2008-0443). It uses a heap spray technique to execute shellcode, which can launch calc.exe or bind a shell to port 4444.

Description

Heap-based buffer overflow in the FileUploader.FUploadCtl.1 ActiveX control in FileUploader.dll 2.0.0.2 in Lycos FileUploader Module allows remote attackers to execute arbitrary code via a long HandwriterFilename property value. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Elazar · htmlremotewindows

https://www.exploit-db.com/exploits/4967

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in the Lycos FileUploader ActiveX control (CVE-2008-0443). It uses a heap spray technique to execute shellcode, which can launch calc.exe or bind a shell to port 4444.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Lycos FileUploader Control version 2.0.0.2

No auth needed

Prerequisites: Victim must visit the malicious webpage using Internet Explorer with the vulnerable ActiveX control installed

MITRE ATT&CK