Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.39 views

Synactis All_IN_THE_BOX ActiveX 3.0 - Null byte File Overwrite Vuln

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-09-006 http://www.dsecrg.com/pages/vul/show.php?id=62 Application: Synactis AllINTHEBOX ActiveX Versions Affected: 3 Vendor URL: http://synactis.com Bugs: Null byte File overwriting Exploits: YES Reported:...

7.1AI score
Exploits0
OpenVAS
OpenVASadded 2009/02/13 12:0 a.m.21 views

Synactis All-In-The-Box ActiveX Remote Code Execution Vulnerability

This host is installed with All-In-The-Box ActiveX and is prone to Remote Code Execution Vulnerability. OpenVAS Vulnerability Test $Id: gbsynactisallintheboxactivexcodeexecvuln.nasl 5369 2017-02-20 14:48:07Z cfi $ Synactis All-In-The-Box ActiveX Remote Code Execution Vulnerability Authors: Sujit...

9.3CVSS1.2AI score0.05943EPSS
Exploits1References3
OpenVAS
OpenVASadded 2009/02/13 12:0 a.m.37 views

Synactis All-In-The-Box ActiveX RCE Vulnerability

All-In-The-Box ActiveX is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.5AI score0.05943EPSS
Exploits1References6
NVD
NVDadded 2009/02/10 7:0 a.m.7 views

CVE-2009-0465

The SaveDoc method in the AllInTheBox.AllBox ActiveX control in ALLINTHEBOX.OCX in Synactis ALL In-The-Box ActiveX 3 allows remote attackers to create and overwrite arbitrary files via an argument ending in a '\0' character, which bypasses the intended .box filename extension, as demonstrated by ...

9.3CVSS6.8AI score0.05943EPSS
Exploits1References6
Prion
Prionadded 2009/02/10 7:0 a.m.8 views

Code injection

The SaveDoc method in the AllInTheBox.AllBox ActiveX control in ALLINTHEBOX.OCX in Synactis ALL In-The-Box ActiveX 3 allows remote attackers to create and overwrite arbitrary files via an argument ending in a '\0' character, which bypasses the intended .box filename extension, as demonstrated by ...

9.3CVSS7.3AI score0.05943EPSS
Exploits1References6Affected Software1
seebug.org
seebug.orgadded 2009/02/04 12:0 a.m.25 views

Synactis ALL In-The-Box ActiveX控件SaveDoc()方法覆盖任意文件漏洞

Synactis ALL In-The-Box ActiveX控件是一种PDF及图像文件自动化生成及输出工具。 ALL In-The-Box ActiveX控件AllInTheBox.ocx的SaveDoc方法实现上存在漏洞,远程攻击者可能利用此漏洞通过指定以NULL结尾的文件名覆盖系统上的任意文件,导致拒绝服务或任意命令执行。 Synactis ALL In-The-Box ActiveX 3.x 厂商补丁: Synactis -------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.synactis.com...

7.1AI score
Exploits0
Rows per page
Query Builder