CVE-2013-6040

HIGH

MW6 Aztec, DataMatrix, MaxiCode <4.0 - RCE

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2013-6040. PoCs published by Pedro Ribeiro.

AI-analyzed exploit summary: This exploit demonstrates a buffer overflow vulnerability in the MW6MaxiCode ActiveX control (CLSID {2355C601-37D1-42B4-BEB1-03C773298DC8}) by passing an overly long string to the 'Data' parameter, leading to arbitrary code execution. The PoC triggers a crash in Internet Explorer, with registers EAX and ECX controllable via crafted input.

Description

MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls before version 4.0 are vulnerable to arbitrary code execution via a crafted HTML document. The latest versions (4.0) of the MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls have resolved the issue.

Exploits (3)

exploitdb WORKING POC
by Pedro Ribeiro · html · dos · windows
https://www.exploit-db.com/exploits/31178

This exploit demonstrates a buffer overflow vulnerability in the MW6MaxiCode ActiveX control (CLSID {2355C601-37D1-42B4-BEB1-03C773298DC8}) by passing an overly long string to the 'Data' parameter, leading to arbitrary code execution. The PoC triggers a crash in Internet Explorer, with registers EAX and ECX controllable via crafted input.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: MaxiCode ActiveX Control (MaxiCode.dll) version 4.0.0.1
No auth needed
Prerequisites: Internet Explorer with the vulnerable ActiveX control installed · User interaction to open the malicious HTML file
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC
by Pedro Ribeiro · html · dos · windows
https://www.exploit-db.com/exploits/31177

This is a proof-of-concept exploit for a buffer overflow vulnerability in the MW6DataMatrix ActiveX control (CVE-2013-6040). The exploit triggers a write access violation by passing an overly long string to the 'Data' parameter, potentially leading to arbitrary code execution.

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Theoretical
Target: MW6DataMatrix ActiveX Control (DATAMA~1.DLL) version 4.0.0.1
No auth needed
Prerequisites: Target system with MW6DataMatrix ActiveX control installed · Victim must open the malicious HTML file
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC
by Pedro Ribeiro · html · dos · windows
https://www.exploit-db.com/exploits/31176

This exploit demonstrates a buffer overflow vulnerability in the MW6Aztec ActiveX control (CLSID: {F359732D-D020-40ED-83FF-F381EFE36B54}) by passing a string larger than 9000 characters to the 'Data' parameter, leading to arbitrary code execution.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: MW6Aztec ActiveX Control (Aztec.dll) version 4.0.0.1
No auth needed
Prerequisites: Target system with the vulnerable MW6Aztec ActiveX control installed · Browser or environment capable of instantiating ActiveX controls
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3: 8.1
EPSS: 0.0737
EPSS Percentile: 93.6%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

Status: published
Products (6)
MW6 Tech/MW6 Aztec ActiveX Controls 0.0 - 4.0
MW6 Tech/MW6 DataMatrix ActiveX Controls 0.0 - 4.0
MW6 Tech/MW6 MaxiCode ActiveX Controls 0.0 - 4.0
mw6tech/aztec_activex_control
mw6tech/datamatrix_activex_control
mw6tech/maxicode_activex_control
Published: Jan 21, 2014
Tracked Since: Feb 18, 2026