7 matches found
VulnCheck KEV: CVE-2008-2551
The DownloaderActiveX Control DownloaderActiveX.ocx in Icona SpA C6 Messenger 1.0.0.1 allows remote attackers to force the download and execution of arbitrary files via a URL in the propDownloadUrl parameter with the propPostDownloadAction parameter set to "run."...
Drive-by download campaign targets Chinese websites, experiments with exploits
During our web crawls we sometimes come across bizarre findings or patterns we haven't seen before. This was the case with a particular drive-by download attack planted on Chinese websites. While by no means advanced it turned out to be fairly buggy, we witnessed a threat actor experimenting with...
Telecom Italia DownloaderActiveX.ocx ActiveX Control Code Execution (CVE-2008-2551)
An attacker may use the vulnerable ActiveX control in order to download and execute arbitrary files in the context of the currently logged-on user...
Icona SpA C6 Messenger Downloader Arbitrary File Download / Execute
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Icona SpA C6...
Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute
This module exploits a vulnerability in Icona SpA C6 Messenger 1.0.0.1. The vulnerability is in the DownloaderActiveX Control DownloaderActiveX.ocx. The insecure control can be abused to download and execute arbitrary files in the context of the currently logged-on user. This module requires...
CVE-2008-2551
CVE-2008-2551 – Icona SpA C6 Messenger DownloaderActiveX control : The DownloaderActiveX.ocx in C6 Messenger 1.0.0.1 allows remote attackers to force the download and execution of arbitrary files via a URL in propDownloadUrl when propPostDownloadAction is set to “run.” This is a remote code execu...
CVE-2008-2551
creationtimestamp| type| source ---|---|--- 2008-06-03 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/5732 2012-02-02 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18449 2018-05-29 15:50:33+00:00| seen|...