Black Ice Cover Page ActiveX Control Arbitrary File Download

No description provided by source. $Id: blackicedownloadimagefileurl.rb 12992 2011-06-21 02:51:39Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensin...

Black Ice Cover Page ActiveX Control Arbitrary File Download

This module allows remote attackers to place arbitrary files on a users file system by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX Control BIImgFrm.ocx 12.0.0.0. Code execution can be achieved by first uploading the payload to the remote machine, and then uploa...

Black Ice Cover Page - ActiveX Control Arbitrary File Download (Metasploit)

$Id: blackicedownloadimagefileurl.rb 12992 2011-06-21 02:51:39Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2008-2693

Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control in BITiff.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via a long first argument to the SetByteOrder method...

Memory corruption

The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from thir...

Information disclosure

The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to force the download and storage of arbitrary files by specifying the origin URL in the first argument to the DownloadImageFileURL method, and the local filename in the second...

CVE-2008-2683

The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to force the download and storage of arbitrary files by specifying the origin URL in the first argument to the DownloadImageFileURL method, and the local filename in the second...

CVE-2008-2684

The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from thir...

EUVD-2008-2679

The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from thir...

CVE-2008-2684

CVE-2008-2684 affects the BIDIB.ocx/Black Ice Barcode SDK 5.01 implementation: the BIDIBCtrl.1 ActiveX control allows remote attackers to trigger memory corruption by feeding long strings into the DownloadImageFileURL method, enabling arbitrary code execution. The vulnerability is rooted in how t...

CVE-2008-2683

CVE-2008-2683 details (Normal mode): The BIDIB.BIDIBCtrl.1 ActiveX control (BIDIB.ocx 10.9.3.0) in Black Ice Barcode SDK 5.01 is vulnerable. A remote attacker can force the download and storage of arbitrary files by calling DownloadImageFileURL with the origin URL as the first argument and the lo...

Black Ice多个ActiveX控件栈溢出及内存破坏漏洞

BUGTRAQ ID: 29579 Black Ice Barcode SDK工具包提供各种1D和2D条码功能函数库。 Black Ice Barcode SDK所提供的多个ActiveX控件中存在安全漏洞，如果用户受骗访问了恶意网页的话，就可能导致执行任意代码或向系统中的任意位置写入文件。 1 BIDIB.BIDIBCtrl.1 ActiveX控件（BIDIB.ocx）没有安全的调用DownloadImageFileURL方式，可能导致向系统的任意位置下载任意文件，或通过超长参数触发内存破坏。 2 BITIFF.BITiffCtrl.1...

Black Ice Software Inc Barcode SDK (BIDIB.ocx) Multiple Vulns

No description provided by source. ----------------------------------------------------------------------------- Black Ice Software Inc Barcode SDK BIDIB.ocx Arbitrary File Download and Memory Corruption url: http://www.blackice.com File : BIDIB.ocx Ver. : 10.9.3.0...

Black Ice Software Inc Barcode SDK - 'BIDIB.ocx' Multiple Vulnerabilities

----------------------------------------------------------------------------- Black Ice Software Inc Barcode SDK BIDIB.ocx Arbitrary File Download and Memory Corruption url: http://www.blackice.com File : BIDIB.ocx Ver. : 10.9.3.0 CLSID: D2797899-BE27-4CDB-892F-4FDC26EA9BA9 Mark.: RegKey Safe for...

blackicebitiff2-overflow.txt

Black Ice Software Inc Barcode SDK BITiff.ocx Remote Buffer Overflow url: http://www.blackice.com File : BITiff.ocx Ver. : 10.9.3.0 CLSID: 2324B5B7-D3EF-464C-BB35-06EFF8F11EB3 Mark.: RegKey Safe for Script: True RegKey Safe for Init: True Implements IObjectSafety: False Author: shinnai mail:...

Black Ice Software Inc Barcode SDK (BIDIB.ocx) Multiple Vulns

Exploit for unknown platform in category remote exploits ============================================================= Black Ice Software Inc Barcode SDK BIDIB.ocx Multiple Vulns =============================================================...

Black Ice Software Inc Barcode SDK - 'BITiff.ocx' Remote Buffer Overflow (2)

Black Ice Software Inc Barcode SDK BITiff.ocx Remote Buffer Overflow url: http://www.blackice.com File : BITiff.ocx Ver. : 10.9.3.0 CLSID: 2324B5B7-D3EF-464C-BB35-06EFF8F11EB3 Mark.: RegKey Safe for Script: True RegKey Safe for Init: True Implements IObjectSafety: False Author: shinnai mail:...

Black Ice Software Inc Barcode SDK - 'BITiff.ocx' Remote Buffer Overflow (1)

---------------------------------------------------------------------------- Black Ice Software Inc Barcode SDK BITiff.ocx Remote Buffer Overflow url: http://www.blackice.com File : BITiff.ocx Ver. : 10.9.3.0 CLSID: 2324B5B7-D3EF-464C-BB35-06EFF8F11EB3 Mark.: RegKey Safe for Script: True RegKey...

Black Ice Software Inc Barcode SDK - BITiff.ocx Remote Buffer Overflow (2)

Black Ice Software Inc Barcode SDK - BITiff.ocx Remote Buffer Overflow 2 Black Ice Software Inc Barcode SDK BITiff.ocx Remote Buffer Overflow url: http://www.blackice.com File : BITiff.ocx Ver. : 10.9.3.0 CLSID: 2324B5B7-D3EF-464C-BB35-06EFF8F11EB3 Mark.: RegKey Safe for Script: True RegKey Safe...

Black Ice Software Inc Barcode SDK (BITiff.ocx) Remote BOF Exploit

Exploit for unknown platform in category remote exploits ================================================================== Black Ice Software Inc Barcode SDK BITiff.ocx Remote BOF Exploit ==================================================================...