CVE-2010-4742

Moxa ActiveX SDK <2.2.0.5 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in a certain ActiveX control in MediaDBPlayback.DLL 2.2.0.5 in the Moxa ActiveX SDK allows remote attackers to execute arbitrary code via a long PlayFileName property value.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16685

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by MC · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/moxa_mediadbplayback.rb

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] http://www.osvdb.org/68986

[Exploit] http://www.metasploit.com/modules/exploit/windows/fileformat/moxa_mediadbplayback

[Exploit] http://reversemode.com/index.php?option=com_content&task=view&id=70&Itemid=1

Scores

EPSS 0.4817

EPSS Percentile 97.7%

Details

CWE

CWE-119

Status published

Products (1)

moxa/activex_sdk

Published Feb 18, 2011

Tracked Since Feb 18, 2026