9 matches found
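Microsoft PicturePusher 'PipPPush.dll' ActiveX Control Arbitrary File Download Vulnerability
BUGTRAQ ID: 31632 CNCAN ID:CNCAN-2008100909 Microsoft Digital Image is an image management and processing tool. The PicturePusher 'PipPPush.dll' ActiveX control it includes has a design flaw that remote attackers can exploit to download files from arbitrary locations to the affected computer. The control allows a custom POST request to be constructed to implement its upload function; using the browser as a proxy, the request can be bounced, and a filename subfield can be injected through the AddString method. A POST request of this kind looks like the following: POST /?aaaa=1 HTTP/1.1 Content-Type: multipart/form-data;...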
CVE-2008-4493
Microsoft PicturePusher ActiveX control PipPPush.DLL 7.00.0709, as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issu...
Design/Logic Flaw
Microsoft PicturePusher ActiveX control PipPPush.DLL 7.00.0709, as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issu...
CVE-2008-4493
Microsoft PicturePusher ActiveX control PipPPush.DLL 7.00.0709, as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issu...
CVE-2008-4493
The CVE describes a vulnerability in the Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709) used by Microsoft Digital Image 2006 Starter Edition. The flaw arises from the AddString and Post methods, with a modified PostURL that allows an attacker to construct an HTTP POST request to...
Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload
Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload 'PicturePusherControl.PostURL = "http://127.0.0.1/?aaaa=1" PicturePusherControl.PostURL = "http://192.168.1.1/?aaaa=1" PicturePusherControl.Add...
Microsoft PicturePusher ActiveX Cross Site File Upload Attack PoC
Exploit for unknown platform in category remote exploits ================================================================= Microsoft PicturePusher ActiveX Cross Site File Upload Attack PoC ================================================================= OBJECT...
Microsoft PicturePusher ActiveX Cross Site File Upload Attack PoC
No description provided by source. Microsoft PicturePusher ActiveX PipPPush.DLL 7.00.0709 remote Cross Site File Upload attack POC IE6 by Nine:Situations:Group::pyrokinesis bug discovered by rgod during early March 2008 tested software: Microsoft Digital Image 2006 Starter Edition works fine...
Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload
'PicturePusherControl.PostURL = "http://127.0.0.1/?aaaa=1" PicturePusherControl.PostURL = "http://192.168.1.1/?aaaa=1" PicturePusherControl.AddSeperator CRLF = un...