Pegasus Imaging ImagXpress ActiveX Control CompactFile Arbitrary File Overwrite Vulnerability
BID:25948
Info
Pegasus Imaging ImagXpress ActiveX Control CompactFile Arbitrary File Overwrite Vulnerability
| Bugtraq ID: | 25948 |
| Class: | Design Error |
| CVE: |
CVE-2007-5320 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 06 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | shinnai is credited with the discovery of this issue. |
| Vulnerable: |
Pegasus Imaging Corporation. ImagXpress 8.0 |
| Not Vulnerable: | |
Discussion
Pegasus Imaging ImagXpress ActiveX Control CompactFile Arbitrary File Overwrite Vulnerability
Pegasus Imaging ImagXpress ActiveX control is prone to a vulnerability that lets attackers overwrite arbitrary local files. This may aid in further attacks.
This issue affects Pegasus Imaging ImagXpress 8.0; other versions may also be vulnerable.
Pegasus Imaging ImagXpress ActiveX control is prone to a vulnerability that lets attackers overwrite arbitrary local files. This may aid in further attacks.
This issue affects Pegasus Imaging ImagXpress 8.0; other versions may also be vulnerable.
Exploit / POC
Pegasus Imaging ImagXpress ActiveX Control CompactFile Arbitrary File Overwrite Vulnerability
Sample exploit code has been provided:
Sample exploit code has been provided:
Solution / Fix
Pegasus Imaging ImagXpress ActiveX Control CompactFile Arbitrary File Overwrite Vulnerability
Solution:
The vendor states:
"Pegasus Imaging acknowledges these issues as affecting our controls in the same way that they affect any ActiveX control that allows files to be saved to absolute directory paths. We're working on reducing the vulnerabilities of these issues and will publish additional information when available at http://www.pegasusimaging.com/faq.htm. In the meantime we recommend that users follow the Microsoft guidelines for reducing the vulnerability by increasing their browser security settings for ActiveX controls."
Solution:
The vendor states:
"Pegasus Imaging acknowledges these issues as affecting our controls in the same way that they affect any ActiveX control that allows files to be saved to absolute directory paths. We're working on reducing the vulnerabilities of these issues and will publish additional information when available at http://www.pegasusimaging.com/faq.htm. In the meantime we recommend that users follow the Microsoft guidelines for reducing the vulnerability by increasing their browser security settings for ActiveX controls."
References
Pegasus Imaging ImagXpress ActiveX Control CompactFile Arbitrary File Overwrite Vulnerability
References:
References:
- Microsoft Knowledge Base Article 240797 (Microsoft)
- Pegasus Imaging Corporation Homepage (Pegasus Imaging Coporation)