EUVD-2006-6848

Malware in sbrugna...

SoftArtisans XFile FileManager ActiveX Control Buffer Overflow

No description provided by source. $Id: softartisansgetdrivename.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

SoftArtisans XFile FileManager - ActiveX Control Buffer Overflow (Metasploit)

$Id: softartisansgetdrivename.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

SoftArtisans XFile FileManager ActiveX Control Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'SoftArtisans XFil...

SoftArtisans XFile FileManager ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in SoftArtisans XFile FileManager ActiveX control SAFmgPwd.dll 2.0.5.3. When sending an overly long string to the GetDriveName method an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download...

Stack overflow

Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the 1 BuildPath, 2 GetDriveName, 3 DriveExists, or 4 DeleteFile method...

CVE-2007-1682

Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the 1 BuildPath, 2 GetDriveName, 3 DriveExists, or 4 DeleteFile method...

CVE-2007-1682

SoftArtisans XFile FileManager ActiveX control (SAFmgPws.dll) is affected by CVE-2007-1682 through vulnerable BuildPath(), GetDriveName(), DriveExists(), and DeleteFile() methods. The vulnerability is a stack-based buffer overflow in XFile before version 2.4.0 that could allow remote code executi...

SoftArtisans XFile文件管理器ActiveX控件多个缓冲区溢出漏洞

BUGTRAQ ID:30826 CVE ID：CVE-2007-1682 CNCVE ID：CNCVE-20081682 SoftArtisans XFile是一款文件传送应用程序ActiveX控件。 XFile FileManager ActiveX控件存在多个缓冲区溢出，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 由SAFmgPws.dll提供的XFile FileManager ActiveX控件处理BuildPath, GetDriveName, DriveExists,...

SoftArtisans XFile FileManager ActiveX control stack buffer overflows

Overview The SoftArtisans XFile FileManager ActiveX control contains several stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description SoftArtisans XFile is an ActiveX file transfer application. The XFile FileManager...

CVE-2006-6865

The CVE-2006-6865 entry describes a directory traversal in SoftArtisans FileUp (SAFileUp) 5.0.14. An attacker can read arbitrary files by supplying a path parameter containing a Unicode-encoded dot-dot ( %c0%ae ), bypassing the normal ".." sequence checks in SAFileUpSamples/util/viewsrc.asp. The ...

CVE-2006-6865

Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp in SoftArtisans FileUp SAFileUp 5.0.14 allows remote attackers to read arbitrary files via a %c0%ae. Unicode dot dot in the path parameter, which bypasses the checks for ".." sequences...

SoftArtisans FileUp Viewsrc.ASP目录遍历漏洞

SoftArtisans FileUp是一款基于ASP的WEB应用程序。 SoftArtisans FileUp不正确过滤用户提交的输入，远程攻击者可以利用漏洞上传任意脚本以WEB权限查看系统文件内容。 问题是'Viewsrc.asp'脚本对用户提交的WEB参数缺少过滤，提交类似'%c0%ae./'编码的数据作为参数，可绕过WEB ROOT限制，以WEB权限查看系统文件内容。 SoftArtisans FileUp 5.0.14 目前没有解决方案提供： http://www.componentsource.com/publishersite.asp?p=511435%2F15054...

SoftArtisans SAFileUp 5.0.14 (viewsrc.asp) Script Source Disclosure

No description provided by source. SoftArtisans FileUp viewsrc.asp remote script source disclosure exploit Advisory Name: SoftArtisans FileUpTM viewsrc.asp remote script source disclosure exploit Tested and Confirmed Vulerable: SoftArtisans SAFileUpTM 5.0.14 Standard Severity: High Type: Script...

SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit

Inge Henriksen Security Advisory - Full Disclosure Proof of Concept at http://ingehenriksen.blogspot.com/ Advisory Name: SoftArtisans FileUpTM viewsrc.asp remote script source disclosure exploit Tested and Confirmed Vulerable: SoftArtisans SAFileUpTM 5.0.14 Standard Severity: High Type: Script...

SoftArtisans SAFileUp 5.0.14 (viewsrc.asp) Script Source Disclosure

Exploit for unknown platform in category web applications =================================================================== SoftArtisans SAFileUp 5.0.14 viewsrc.asp Script Source Disclosure =================================================================== SoftArtisans FileUp viewsrc.asp remot...

SoftArtisans SAFileUp 5.0.14 - viewsrc.asp Script Source Disclosure

SoftArtisans SAFileUp 5.0.14 - viewsrc.asp Script Source Disclosure SoftArtisans FileUp viewsrc.asp remote script source disclosure exploit Advisory Name: SoftArtisans FileUpTM viewsrc.asp remote script source disclosure exploit Tested and Confirmed Vulerable: SoftArtisans SAFileUpTM 5.0.14...

SoftArtisans SAFileUp 5.0.14 - 'viewsrc.asp' Script Source Disclosure

SoftArtisans FileUp viewsrc.asp remote script source disclosure exploit Advisory Name: SoftArtisans FileUpTM viewsrc.asp remote script source disclosure exploit Tested and Confirmed Vulerable: SoftArtisans SAFileUpTM 5.0.14 Standard Severity: High Type: Script source disclosure From where: Remote...