GeoVision LiveX ActiveX控件SnapShotToFile()方式任意文件覆盖漏洞

BUGTRAQ ID: 33782 GeoVision LiveX是用于管理GeoVision视频监控系统的软件。 GeoVision的LiveXv7000（clsid DA8484DE-52DB-4860-A986-61A8682E298A）和LiveXv8120（clsid F4421170-DB22-4551-BBFB-FFCFFB419F6F）ActiveX控件没有正确地验证对SnapShotToFile和SnapShotX方式输入的参数，如果用户受骗访问了恶意网页并向上述方式传送了恶意参数的话，就会导致向用户系统写入任意文件。 GeoVision LiveX ActiveX...

GeoVision LiveX_v8200 ActiveX (LIVEX_~1.OCX) File Corruption PoC

No description provided by source. !-- GeoVision LiveXv8200 ActiveX Control LIVEX1.OCX remote file corruption poc by Nine:Situations:Group::SnoopyAssault site: http://retrogod.altervista.org/ working against IE8b/xpsp3, safe for scripting and for initialize. LiveXv7000 with clsid...

GeoVision LiveX 8200 - ActiveX LIVEX_~1.OCX File Corruption

GeoVision LiveX 8200 - ActiveX LIVEX1.OCX File Corruption function sleepn var now = new Date; var exitTime = now.getTime + n1000; while true now = new Date; if now.getTime exitTime return; par...

GeoVision ActiveX File Corruption

function sleepn var now = new Date; var exitTime = now.getTime + n1000; while true now = new Date; if now.getTime exitTime return; param name="AutoLogin" v...