31 matches found
Design/Logic Flaw
Multiple insecure method vulnerabilities in MW6 Technologies DataMatrix ActiveX control DATAMATRIXLib.MW6DataMatrix, DataMatrix.dll 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the 1 SaveAsBMP and 2 SaveAsWMF methods...
CVE-2008-4925
CVE-2008-4925 affects MW6 Technologies DataMatrix ActiveX control (DATAMATRIXLib.MW6DataMatrix, DataMatrix.dll) version 3.0.0.1. The flaw arises in the SaveAsBMP and SaveAsWMF methods, allowing a remote attacker to overwrite arbitrary files by supplying a full pathname. Impact per the entry is co...
CVE-2008-4925
Multiple insecure method vulnerabilities in MW6 Technologies DataMatrix ActiveX control DATAMATRIXLib.MW6DataMatrix, DataMatrix.dll 3.0.0.1 allow remote attackers to overwrite arbitrary files via a full pathname argument to the 1 SaveAsBMP and 2 SaveAsWMF methods...
MW6 DataMatrix ActiveX (DataMatrix.dll) Insecure Method Exploit
No description provided by source. !-- By Dr.Pantagon DeltaSecurityCenter www.DeltaSecurity.ir Description : DataMatrix ActiveX ver : 3.0.0.1 CopyRight : MW6 Technologies, Inc. Download Link : http://www.mw6tech.com/datamatrix/try/MW6DataMatrix.zip This was written for educational purpose. Use it...
MW6 DataMatrix 'DataMatrix.dll' ActiveX控件任意文件覆盖漏洞
BUGTRAQ ID: 31980 CNCAN ID:CNCAN-2008103004 MW6 DataMatrix ActiveX是一款数据矩阵条码制作工具。 MW6 DataMatrix ActiveX 'DataMatrix.dll'存在设计问题,远程攻击者可以利用漏洞以应用程序权限覆盖系统文件。 控件对SaveAsBMP和SaveAsWMF方法处理存在问题,构建恶意WEB页,诱使用户访问,可导致以应用程序权限覆盖系统文件。 MW6 Technologies DataMatrix ActiveX 3.0 1 目前没有详细解决方案提供:...
mw6datamatrix-insecure.txt
Test Exploit page targetFile = "C:\WINDOWS\system32\DataMatrix.dll" prototype = "Sub SaveAsBMP ByVal FileName As String " memberName = "SaveAsBMP" progid = "DATAMATRIXLib.MW6DataMatrix" argCount = 1 arg1="c:\windows\system.ini" target.SaveAsBMP arg1 'target.SaveAsWMF arg1...
MW6 Datamatrix - ActiveX 'Datamatrix.dll' Insecure Method
 Test Exploit page targetFile = "C:\WINDOWS\system32\DataMatrix.dll" prototype = "Sub SaveAsBMP ByVal FileName As String " memberName = "SaveAsBMP" progid = "DATAMATRIXLib.MW6DataMatrix" argCount = 1 arg1="c:\windows\system.ini" target.SaveAsBMP arg1 'target.SaveAsWMF arg1 milw0rm.com 2008-10-...
MW6 DataMatrix ActiveX (DataMatrix.dll) Insecure Method Exploit
Exploit for unknown platform in category remote exploits =============================================================== MW6 DataMatrix ActiveX DataMatrix.dll Insecure Method Exploit =============================================================== ? Test Exploit page targetFile =...
MW6 Datamatrix - ActiveX Datamatrix.dll Insecure Method
MW6 Datamatrix - ActiveX Datamatrix.dll Insecure Method  Test Exploit page targetFile = "C:\WINDOWS\system32\DataMatrix.dll" prototype = "Sub SaveAsBMP ByVal FileName As String " memberName = "SaveAsBMP" progid = "DATAMATRIXLib.MW6DataMatrix" argCount = 1 arg1="c:\windows\system.ini"...
IDAutomation多个条码ActiveX控件任意文件覆盖漏洞
BUGTRAQ ID: 29204 IDAutomation是美国一家专注于自动识别、条形码技术的公司,IDAutomation的产品包括条形码编辑、识别、打印、扫描功能的字体包、软件、控件产品等。 IDAutomation带的ActiveX控件实现上存在漏洞,远程攻击者可能利用此漏洞在用户系统上写入任意文件。 IDAutomation所提供的以下条码ActiveX控件: IDAuto.BarCode.1(IDAutomationLinear6.dll) IDAuto.Datamatrix.1(IDAutomationDMATRIX6.DLL)...
idautomation-activex.txt
----------------------------------------------------------------------------- IDAutomation Multiple Vulnerabilities url: www.idautomation.com Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org This was written for educational purpose. Use it at your own risk. Autho...