lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20060516022952.19412.qmail@securityfocus.com>
Date: 16 May 2006 02:29:52 -0000
From: mcdanielar@...hmail.com
To: bugtraq@...urityfocus.com
Subject: FrontRange iHeat Vulnerability


A vulnerability has been found in FrontRange's iHeat product that allows users to gain access to the host machine through a logged on session or execute arbitrary code while using the active-x version of the product.

To reproduce the exploit, first upload a file with an extension that has not been associated to an application, attaching it to the current call.  Next attempt to open the file.  When prompted which application to use to open the file a file dialog appears.  In the file dialog, select and run the executable code you wish to run.  Cancel the dialog box.

This vulnerability also exposes the file system of the host machine in a similar manner.  The code runs in the context of the current user.  Necessary precautions should be taken to mitigate risk.

This vulnerability exists in all tested versions of iHeat that use active-x controls and may also exist in other FrontRange products.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ