Rediff Toolbar ActiveX Control Remote Code Execution Vulnerability
BID:21924
Info
Rediff Toolbar ActiveX Control Remote Code Execution Vulnerability
| Bugtraq ID: | 21924 |
| Class: | Access Validation Error |
| CVE: |
CVE-2007-1402 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 08 2007 12:00AM |
| Updated: | May 12 2015 07:35PM |
| Credit: | Umesh Wanve is credited with discovering this issue. |
| Vulnerable: |
Rediff Toolbar 0 |
| Not Vulnerable: | |
Discussion
Rediff Toolbar ActiveX Control Remote Code Execution Vulnerability
Rediff Toolbar ActiveX control is prone to a remote code-execution vulnerability.
Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of applications using the affected ActiveX control and possibly to compromise affected computers.
Rediff Toolbar ActiveX control is prone to a remote code-execution vulnerability.
Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of applications using the affected ActiveX control and possibly to compromise affected computers.
Exploit / POC
Rediff Toolbar ActiveX Control Remote Code Execution Vulnerability
The following proof of concept is available:
The following proof of concept is available:
Solution / Fix
Rediff Toolbar ActiveX Control Remote Code Execution Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Rediff Toolbar ActiveX Control Remote Code Execution Vulnerability
References:
References:
- rediff Homepage (rediff.com)