FlexCell Grid ActiveX控件SaveFile()和ExportToXML()方法任意文件覆盖漏洞

FlexCell Grid ActiveX控件是一款表格控制工具，提供拷贝、拷贝预览、图表、合并单元格等全面功能。 FlexCell Grid ActiveX控件没有正确地验证对SaveFile和ExportToXML方法的输入参数，如果远程攻击者受骗访问了恶意网站并向该方式传送了特制参数的话，就可能导致以当前登录用户的权限覆盖任意系统文件。 FlexCell Technologies FlexCell Grid ActiveX 5.x 厂商补丁： FlexCell Technologies ---------------------...

FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit

No description provided by source. HTML BODY b Author : Houssamix br/ br/ br/ FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit br/ ExportToXML is vuln to br/ b/ object id=hsmx classid="clsid:2A7D9CCE-211A-4654-9449-718F71ED9644"/object SCRIPT / Report for Clsid:...

Synactic ALL_IN_THE_BOX File Overwrite

DSECRG-09-006 Synactis AllINTHEBOX ActiveX Control - Null byte File Owervrite Synactis AllINTHEBOX ActiveX Control ALLINTHEBOX.OCX can be used to owervrite any any file in target system. Vulnerable method is "SaveDoc" Application: Synactis AllINTHEBOX ActiveX Versions Affected: 3 Vendor URL:...

Synactis All_IN_THE_BOX ActiveX v3 Null byte File Overwrite Vuln

Exploit for unknown platform in category remote exploits ================================================================ Synactis AllINTHEBOX ActiveX v3 Null byte File Overwrite Vuln ================================================================ Digital Security Research Group DSecRG Advisory...

CVE-2009-0313

Summary: CVE-2009-0313 concerns winetricks prior to 20081223, where a symlink vulnerability in handling temporary x_showmenu.txt files permits local users to overwrite arbitrary files. Affected components: winetricks (before 20081223). Root cause: symlink attack during creation/usage of a tempora...

CVE-2009-0032

CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server CS 3.0 and 4.0, and Multi Network Firewall MNF 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file...

HtmlCapture 2.0 File Overwrite

Exploited By : Cyber-Zone ! Founded By : Cyber-Zone ABDELKHALEK ! E-----Mail : [email protected] ! Home------ : WwW.ArabiC-M.CoM ! GreeTz -To : $ Hussin X ; $ The5p3ctrum ; $ BayHay ; $ JiKo ; $ StaCk ; Dns Team ; TrYaG -------------- : IQ-SecuriTY Members ; All MoroCCaN HaCkerS . & I don...

CVE-2008-5966

CVE-2008-5966 affects Globsy 1.0 and earlier, where globsy_edit.php allows remote attackers to create or overwrite arbitrary files via the file parameter (filename) and data parameter (file contents). Root cause is improper handling of user-supplied filename and content, enabling arbitrary file w...

FlexCell Grid Control 5.6.9 - Remote File Overwrite

FlexCell Grid Control 5.6.9 - Remote File Overwrite Author : Houssamix FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit ExportToXML is vuln to / Report for Clsid: 2A7D9CCE-211A-4654-9449-718F71ED9644 RegKey Safe for Script: Faux RegKey Safe for Init: Faux Implements IObjectSafety: Vrai...

FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit

Exploit for unknown platform in category remote exploits ========================================================= FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit ========================================================= Author : Houssamix FlexCell Grid Control 5.6.9 Remote File Overwri...

FlexCell Grid Control 5.6.9 File Overwrite

Author : Houssamix FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit ExportToXML is vuln to / Report for Clsid: 2A7D9CCE-211A-4654-9449-718F71ED9644 RegKey Safe for Script: Faux RegKey Safe for Init: Faux Implements IObjectSafety: Vrai IDisp Safe: Safe for untrusted: caller,data IPersist...

FlexCell Grid Control 5.6.9 - Remote File Overwrite

Author : Houssamix FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit ExportToXML is vuln to / Report for Clsid: 2A7D9CCE-211A-4654-9449-718F71ED9644 RegKey Safe for Script: Faux RegKey Safe for Init: Faux Implements IObjectSafety: Vrai IDisp Safe: Safe for untrusted: caller,data IPersist...

SmartVmd 1.1 File Overwrite Exploit

Author : Houssamix SmartVmd ActiveX v 1.1 remote File Overwrite Exploit download : http://www.smartvmd.com/setup/SetupActiveXVmd.msi / Report for Clsid: E3462D53-47A6-11D8-8EF6-DAE89272743C RegKey Safe for Script: Faux RegKey Safe for Init: Faux Implements IObjectSafety: Vrai IDisp Safe: Safe for...

SmartVmd ActiveX 1.1 - Remote File Overwrite

SmartVmd ActiveX 1.1 - Remote File Overwrite Author : Houssamix SmartVmd ActiveX v 1.1 remote File Overwrite Exploit download : http://www.smartvmd.com/setup/SetupActiveXVmd.msi / Report for Clsid: E3462D53-47A6-11D8-8EF6-DAE89272743C RegKey Safe for Script: Faux RegKey Safe for Init: Faux...

SmartVmd ActiveX 1.1 - Remote File Overwrite

Author : Houssamix SmartVmd ActiveX v 1.1 remote File Overwrite Exploit download : http://www.smartvmd.com/setup/SetupActiveXVmd.msi / Report for Clsid: E3462D53-47A6-11D8-8EF6-DAE89272743C RegKey Safe for Script: Faux RegKey Safe for Init: Faux Implements IObjectSafety: Vrai IDisp Safe: Safe for...

Design/Logic Flaw

Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX control in EasyGrid.ocx 1.0.0.1 in AAA EasyGrid ActiveX 3.51 allows remote attackers to create and overwrite arbitrary files via the 1 DoSaveFile or 2 DoSaveHtmlFile method. NOTE: vector 1 could be leveraged for code execution by...

CVE-2009-0134

The CVE-2009-0134 entry concerns the EasyGrid.ocx 1.0.0.1 EasyGrid ActiveX control (AAA EasyGrid ActiveX 3.51). The vulnerability is an insecure method vulnerability in the SGCtrl.32 control that allows remote attackers to create and overwrite arbitrary files via DoSaveFile or DoSaveHtmlFile. Not...

Ciansoft PDFBuilderX 2.2 ActiveX Arbitrary File Overwrite Exploit

No description provided by source. b Ciansoft PDFBuilderX 2.2 Arbitrary File Overwrite br/ p0c br/ Alfons Luja br/ Pozdrowienia dla odFiecznych fanÓf br/ Tesw Eporue br/ -9002- br/ l00l br/ b/ object classid='clsid:00E7C7F8-71E2-498A-AB28-A3D72FC74485' id='kupa'/object script / Class PDFDoc GUID:...

MetaProducts MetaTreeX 1.5.100 - ActiveX File Overwrite

MetaProducts MetaTreeX 1.5.100 - ActiveX File Overwrite Author : Houssamix MetaProducts MetaTreeX V 1.5.100 Remote File Overwrite Exploit Note : SaveToFile is vuln to / Report for Clsid: 67E66985-F81A-11D6-BC0F-F7B40157DC26 RegKey Safe for Script: Faux RegKey Safe for Init: Faux Implements...

MetaProducts MetaTreeX V 1.5.100 ActiveX File Overwrite Exploit

Exploit for unknown platform in category remote exploits =============================================================== MetaProducts MetaTreeX V 1.5.100 ActiveX File Overwrite Exploit =============================================================== Author : Houssamix MetaProducts MetaTreeX V...