5 matches found
CVE-2008-4493
Microsoft PicturePusher ActiveX control PipPPush.DLL 7.00.0709, as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issu...
Design/Logic Flaw
Microsoft PicturePusher ActiveX control PipPPush.DLL 7.00.0709, as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issu...
CVE-2008-4493
Microsoft PicturePusher ActiveX control PipPPush.DLL 7.00.0709, as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issu...
Microsoft PicturePusher ActiveX Cross Site File Upload Attack PoC
No description provided by source. !-- Microsoft PicturePusher ActiveX PipPPush.DLL 7.00.0709 remote Cross Site File Upload attack POC IE6 by Nine:Situations:Group::pyrokinesis bug discovered by rgod during early March 2008 tested software: Microsoft Digital Image 2006 Starter Edition works fine...
Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload
Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload 'PicturePusherControl.PostURL = "http://127.0.0.1/?aaaa=1" PicturePusherControl.PostURL = "http://192.168.1.1/?aaaa=1" PicturePusherControl.Add...