CVE-2012-0267

NTR ActiveX <2.0.4.8 - RCE

Title source: llm

Description

The StopModule method in the NTR ActiveX control before 2.0.4.8 allows remote attackers to execute arbitrary code via a crafted lModule parameter that triggers use of an arbitrary memory address as a function pointer.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/21839

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Carsten Eiram, juan vazquez · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ntr_activex_stopmodule.rb

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://secunia.com/secunia_research/2012-2/

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/72295

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/21839

[Third Party Advisory] http://secunia.com/advisories/45166

Scores

EPSS 0.7328

EPSS Percentile 98.8%

Details

CWE

CWE-20

Status published

Products (1)

ntrglobal/ntr_activex_control < 1.1.8

Published Jan 15, 2012

Tracked Since Feb 18, 2026