S-139: Persits Software XUpload 'AddFile()' Method ActiveX Control Vulnerability

Login or Register to Ask a Question and Join Our Community

S-139: Persits Software XUpload 'AddFile()' Method ActiveX Control Vulnerability

Tags

Login to Discuss or Reply to this Discussion in Our Community

Special Forums Cybersecurity Security Advisories (RSS) S-139: Persits Software XUpload 'AddFile()' Method ActiveX Control Vulnerability

01-30-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

S-139: Persits Software XUpload 'AddFile()' Method ActiveX Control Vulnerability

XUpload is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. The risk is MEDIUM. An attacker may exploit this issue to execute arbitrary code in the context of an application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

Login or Register to Ask a Question

Previous Thread | Next Thread

Login or Register to Ask a Question