Ecava IntegraXor 'igcom.dll' Directory Traversal Vulnerability
BID:52763
Info
Ecava IntegraXor 'igcom.dll' Directory Traversal Vulnerability
| Bugtraq ID: | 52763 |
| Class: | Input Validation Error |
| CVE: |
CVE-2012-0246 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 28 2012 12:00AM |
| Updated: | Aug 17 2012 12:20PM |
| Credit: | Billy Rios and Terry McCorkle |
| Vulnerable: |
Ecava IntegraXor 3.60.4050 Ecava IntegraXor 3.60.4032 Ecava IntegraXor 3.60 |
| Not Vulnerable: |
Ecava IntegraXor 3.71.4200 |
Discussion
Ecava IntegraXor 'igcom.dll' Directory Traversal Vulnerability
Ecava IntegraXor is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
Exploiting the issue may allow an attacker to overwrite arbitrary files on the affected system. This could aid in further attacks.
Ecava IntegraXor versions prior to 3.71.4200 are vulnerable.
Ecava IntegraXor is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
Exploiting the issue may allow an attacker to overwrite arbitrary files on the affected system. This could aid in further attacks.
Ecava IntegraXor versions prior to 3.71.4200 are vulnerable.
Exploit / POC
Ecava IntegraXor 'igcom.dll' Directory Traversal Vulnerability
Attackers can exploit this issue with a browser.
Attackers can exploit this issue with a browser.
Solution / Fix
Ecava IntegraXor 'igcom.dll' Directory Traversal Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Ecava IntegraXor 'igcom.dll' Directory Traversal Vulnerability
References:
References:
- IntegraXor Homepage (Ecava )
- ICSA-12-083-01�??ECAVA INTEGRAXOR ACTIVEX DIRECTORY TRAVERSA (ICS-CER)