This module exploits a vulnerability in the ntractivex118.dll module included in the NTRglobal NTR Activex Control application. The exploit is triggered when the StopModule() method processes a crafted argument resulting in a buffer overflow. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This module runs a web server waiting for vulnerable clients (Internet Explorer 6, 7 and 8 in Windows XP to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
CVE Link
Exploit Platform
Exploit Type
Product Name