DeWizardX ActiveX Control Arbitrary File Overwrite Vulnerability

Bugtraq ID:	23986
Class:	Design Error
CVE:	CVE-2007-2725
Remote:	Yes
Local:	No
Published:	May 15 2007 12:00AM
Updated:	May 07 2015 05:39PM
Credit:	shinnai is credited with the discovery of this issue.
Vulnerable:	DB Software Laboratory DeWizardX ActiveX Control 0
Not Vulnerable:

DeWizardX ActiveX Control Arbitrary File Overwrite Vulnerability

The DeWizardX ActiveX control is prone to an arbitrary-file-overwrite vulnerability.

An attacker can exploit this issue to overwrite arbitrary files on the affected computer. Successful attacks may aid in further attacks against the computer. Failed attempts will likely cause denial-of-service
conditions.

DeWizardX ActiveX Control Arbitrary File Overwrite Vulnerability

Sample exploit code has been provided:

• /data/vulnerabilities/exploits/23986.html

DeWizardX ActiveX Control Arbitrary File Overwrite Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

DeWizardX ActiveX Control Arbitrary File Overwrite Vulnerability

References:

• DeWizardX ActiveX Control Web Site (DB Software Laboratory)
  
• Microsoft Knowledge Base Article 240797 (Microsoft)
  
• MoAxB #15: DB Software Laboratory DeWizardX (DEWizardAX.ocx) Remote Arbitrary Fi (shinnai )