22 matches found
CVE-2011-5290
The SaveToFile method in the UniBasicPack.UniTextBox ActiveX control in UniBasic100EDA1811C.ocx in IDrive Online Backup 3.4.0 allows remote attackers to write to arbitrary files via a pathname in the first argument...
CVE-2011-5290
Technical summary (CVE-2011-5290): The vulnerability affects IDrive Online Backup 3.4.0, specifically the UniBasic100_EDA1811C.ocx’s UniBasicPack.UniTextBox ActiveX control. The SaveToFile method can be abused to write to arbitrary files by supplying a pathname as the first argument. This is a re...
Arbitrary program execution vulnerability in TrendLink ActiveX control
Overview TrendLink provided by Canary Labs is a tool to help visualize data for analysis. The SaveToFile method provided in the ActiveX control in TrendLink contains a vulnerability where file creation is not properly restricted. Security Research and Service Institute - Information and...
CVE-2012-3022
The SaveToFile method in a certain ActiveX control in TrendDisplay.dll in Canary Labs TrendLink 9.0.2.27051 and earlier does not properly restrict the creation of files, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a crafted w...
Design/Logic Flaw
The 1 SimpleTree and 2 ReportTree classes in the ARDoc ActiveX control ARDoc.dll in Quest InTrust 10.4.0.853 and earlier do not properly implement the SaveToFile method, which allows remote attackers to write or overwrite arbitrary files via the bstrFileName argument...
CVE-2008-4749
Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX control VImpX.ocx 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allow remote attackers to overwrite arbitrary files via 1 the LogFile property and ClearLogFile method, and 2 the SaveToFile method...
Design/Logic Flaw
Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX control VImpX.ocx 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allow remote attackers to overwrite arbitrary files via 1 the LogFile property and ClearLogFile method, and 2 the SaveToFile method...
CVE-2008-4749
Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX control VImpX.ocx 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allow remote attackers to overwrite arbitrary files via 1 the LogFile property and ClearLogFile method, and 2 the SaveToFile method...
Chilkat XML ActiveX Remote Arbitrary File Creation/Execution Exploit
No description provided by source. ----------------------------------------------------------------------------- Chilkat XML ActiveX Remote Arbitrary File Creation/Execution url: www.chilkatsoft.com File: ChilkatUtil.dll = 3.0.3.0 CLSID: 5022FAE8-B780-4B78-B8DC-1AF1145A4F42 ProgID:...
chilkat-exec.txt
----------------------------------------------------------------------------- Chilkat XML ActiveX Remote Arbitrary File Creation/Execution url: www.chilkatsoft.com File: ChilkatUtil.dll = 3.0.3.0 CLSID: 5022FAE8-B780-4B78-B8DC-1AF1145A4F42 ProgID: ChilkatUtil.CkData.1 Descr.: Chilkat CkData Marke...
[NSG_28-5-08] CA Internet Security Suite 2008 (UmxEventCli.dll/SaveToFile()) remote file corruption poc
!-- CA Internet Security Suite 2008 UmxEventCli.dll/SaveToFile remote file corruption poc by Nine:Situations:Group::surfista this control is safe for scripting and safe for initialize original one: http://retrogod.altervista.org/9sgCApoc.html -- htmlobject...
Path traversal
Absolute path traversal vulnerability in a certain ActiveX control in Zune allows user-assisted remote attackers to overwrite arbitrary files via the SaveToFile method. NOTE: the victim must explicitly allow the code to run...
CVE-2008-1933
The CVE-2008-1933 entry describes an absolute path traversal in a Zune ActiveX control, allowing user‑assisted remote attackers to overwrite arbitrary files via the SaveToFile method. The vulnerability requires the user to explicitly allow code execution. Affected component is an ActiveX control ...
CVE-2008-1933
Absolute path traversal vulnerability in a certain ActiveX control in Zune allows user-assisted remote attackers to overwrite arbitrary files via the SaveToFile method. NOTE: the victim must explicitly allow the code to run...
Path traversal
Absolute path traversal vulnerability in the EbCrypt.ebcPRNGenerator.1 ActiveX control in EBCRYPT.DLL 2.0.0.2087 and earlier in EB Design ebCrypt allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveToFile method. NOTE: some of these detail...
Ultra Crypto Component (CryptoX.dll <= 2.0) SaveToFile() Inscure Method
Exploit for unknown platform in category remote exploits ======================================================================= Ultra Crypto Component CryptoX.dll ------------------------------------------------------------------------------------- Ultra Crypto Component CryptoX.dll url:...
Path traversal
Absolute path traversal vulnerability in a certain ActiveX control in PGPBBox.dll in EldoS SecureBlackbox sbb 5.1.0.112 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveToFile method. NOTE: the provenance of this information is unknown;...
CVE-2007-3785
CVE-2007-3785: Absolute path traversal in EldoS SecureBlackbox (sbb) 5.1.0.112 via PGPBBox.dll ActiveX SaveToFile allows a full path to create/overwrite files. The description is consistent across NVD and related records. Connected documents do not provide additional technical details (no expande...
SecureBlackbox (PGPBBox.dll 5.1.0.112) Arbitary Data Write Exploit
Exploit for unknown platform in category remote exploits ================================================================== SecureBlackbox PGPBBox.dll 5.1.0.112 Arbitary Data Write Exploit ================================================================== :. GOODFELLAS Security Research TEAM .: :...
CVE-2007-3649
Absolute path traversal vulnerability in a certain ActiveX control in hpqvwocx.dll 2.1.0.556 in Hewlett-Packard HP Digital Imaging allows remote attackers to create or overwrite arbitrary files via the second argument to the SaveToFile method...