CVE-2008-7103

Najdi.si Toolbar 2.0.4.1 - Stack-Based Buffer Overflow via Document.Location Property

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-7103. PoCs published by shinnai.

AI-analyzed exploit summary This exploit leverages a buffer overflow vulnerability in the Najdi.si Toolbar via a maliciously crafted URL with an overly long string. The PoC uses VBScript to trigger the overflow, potentially allowing arbitrary code execution.

Description

Stack-based buffer overflow in an ActiveX control in najdisitoolbar.dll in Najdi.si Toolbar 2.0.4.1 allows remote attackers to cause a denial of service (browser crash) or execute arbitrary code via a long Document.Location property value.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shinnai · htmldoswindows

https://www.exploit-db.com/exploits/6327

View Code ZIP pw:eip

This exploit leverages a buffer overflow vulnerability in the Najdi.si Toolbar via a maliciously crafted URL with an overly long string. The PoC uses VBScript to trigger the overflow, potentially allowing arbitrary code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Najdi.si Toolbar (version unspecified)

No auth needed

Prerequisites: Victim must have Najdi.si Toolbar installed · Victim must visit a malicious webpage or open a malicious HTML file

MITRE ATT&CK