NTR ActiveX Control StopModule() Remote Code Execution (CVE-2012-0267)

A remote code execution vulnerability has been reported in the NTR ActiveX 1.1.8...

CVE-2012-0267

creationtimestamp| type| source ---|---|--- 2012-10-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/21839 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ntractivexstopmodule.rb 2025-02-06 03:13:40+00:0...

Secunia Research: NTR ActiveX Control "StopModule()" Input Validation Vulnerability

====================================================================== Secunia Research 11/01/2012 - NTR ActiveX Control "StopModule" Input Validation Vulnerability - ====================================================================== Table of Contents Affected...

NTR ActiveX Control < 2.0.4.8 Multiple Vulnerabilities

At least one version of the NTR ActiveX control installed on the remote Windows host is earlier than 2.0.4.8. As such, it reportedly is affected by the following vulnerabilities : - Four stack-based buffer overflows exist involving the 'bstrUrl' parameter of the 'StartModule' method, the...

CVE-2012-0267

CVE-2012-0267 : The StopModule method of the NTR ActiveX control (before version 2.0.4.8) allows remote attackers to execute arbitrary code by passing a crafted lModule parameter that dereferences an arbitrary memory address as a function pointer. This vulnerability results in remote code executi...