Multiple insecure method vulnerabilities in the Web On Windows (WOW) ActiveX control in WOW ActiveX 2 allow remote attackers to (1) create and overwrite arbitrary files via the WriteIniFileString method, (2) execute arbitrary programs via the ShellExecute method, (3) read from the registry via unspecified vectors, and (4) write to the registry via unspecified vectors. NOTE: vectors 1 and 2 can be used together to execute arbitrary code.
References
Configurations
History
21 Nov 2024, 00:59
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/33515 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/48337 - | |
References | () https://www.exploit-db.com/exploits/7910 - |
Information
Published : 2009-02-02 22:00
Updated : 2024-11-21 00:59
NVD link : CVE-2009-0389
Mitre link : CVE-2009-0389
CVE.ORG link : CVE-2009-0389
JSON object : View
Products Affected
eztools-software
- web_on_windows_activex
CWE