Vulnerability & Exploit Database

Back to search

VX Search Enterprise GET Buffer Overflow

This module exploits a stack-based buffer overflow vulnerability in the web interface of VX Search Enterprise v9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This module has been tested successfully on Windows 7 SP1 x86.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name



  • Daniel Teixeira


  • VX Search Enterprise v9.5.12


  • windows



Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/windows/http/vxsrchs_bof msf exploit(vxsrchs_bof) > show targets ...targets... msf exploit(vxsrchs_bof) > set TARGET <target-id> msf exploit(vxsrchs_bof) > show options and set options... msf exploit(vxsrchs_bof) > exploit