cbcvebase.
CVE-2007-3040
published 2007-09-12

CVE-2007-3040: Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted…

PriorityP358critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
57.22%
99.0th percentile
Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL to the Agent (Agent.Control) ActiveX control, which triggers an overflow within the Agent Service (agentsrv.exe) process, a different issue than CVE-2007-1205.

Detection & IOCsextracted from sources · hover to see the quote

filenameagentdpv.dll
processagentsrv.exe
versionagentdpv.dll 2.0.0.3425
otherAgent.Control.2
  • Monitor for instantiation of the 'Agent.Control.2' ActiveX object in browser/script contexts, which is the attack vector for this vulnerability.
  • Monitor agentsrv.exe for stack-based buffer overflow conditions triggered by crafted URLs passed to the Agent ActiveX control.
  • Look for Characters.Load calls with malformed or crafted URLs (e.g., malformed http:/// style URLs) passed to the Agent ActiveX control.
  • ·Vulnerability is specific to Windows 2000 SP4 with agentdpv.dll version 2.0.0.3425; other OS versions or DLL versions may not be affected.
  • ·This is a distinct issue from CVE-2007-1205 despite both involving Microsoft Agent.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.