ActiveWeb Professional Arbitrary File Upload Vulnerability

ActiveWeb Professional is prone to an arbitrary-file-upload vulnerability because the application fails to adequately sanitize user-supplied input.

An attacker may leverage this issue to upload arbitrary files to the affected computer; successful exploits will allow attackers to completely compromise the affected computer.

Lomtec ActiveWeb Professional 3.0 is vulnerable; other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus