EB Design ebCrypt Active X Denial of Service - Ver2 (CVE-2007-5110)

A denial-of-service vulnerability has been reported in EB Design ebCrypt. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

ebCrypt ActiveX控件任意文件覆盖及拒绝服务漏洞

BUGTRAQ ID: 25789,25787 ebCrypt是一套ActiveX组件集，为VisualBasic、VBScript、JScript等提供强加密算法。 ebCrypt的ActiveX控件实现上存在多个安全漏洞，远程攻击者可能利用这些漏洞控制用户系统或导致拒绝服务。 ebCrypt.ebcPRNGenerator.1 ActiveX控件（ebCrypt.dll）中的SaveToFile方式保存了参数所指定的文件，这可能导致覆盖并破坏系统上的任意文件；如果向AddString方式传送了不少于一个字符的话，还可能导致拒绝服务。以下是异常的dump： Access violati...

CVE-2007-5111

A certain ActiveX control in EBCRYPT.DLL 2.0 in EB Design ebCrypt allows remote attackers to cause a denial of service crash via a string argument to the AddString method...

CVE-2007-5110

Absolute path traversal vulnerability in the EbCrypt.ebcPRNGenerator.1 ActiveX control in EBCRYPT.DLL 2.0.0.2087 and earlier in EB Design ebCrypt allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveToFile method. NOTE: some of these detail...

Path traversal

Absolute path traversal vulnerability in the EbCrypt.ebcPRNGenerator.1 ActiveX control in EBCRYPT.DLL 2.0.0.2087 and earlier in EB Design ebCrypt allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveToFile method. NOTE: some of these detail...

CVE-2007-5111

A certain ActiveX control in EBCRYPT.DLL 2.0 in EB Design ebCrypt allows remote attackers to cause a denial of service crash via a string argument to the AddString method...

CVE-2007-5110

CVE-2007-5110 describes an absolute path traversal in the EB Design ebCrypt ActiveX control (EbCrypt.eb_c_PRNGenerator.1) within EBCRYPT.DLL 2.0.0.2087 and earlier. The vulnerability allows remote attackers to create or overwrite arbitrary files by passing a full pathname to the SaveToFile method...