Morovia Barcode ActiveX Control < 3.6.0 Arbitrary File Overwrite

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an ActiveX control that can be used to
overwrite arbitrary files.

Description :

The version of the Morovia Barcode ActiveX control installed on the
remote Windows host allows overwriting of arbitrary files via calls to
the control's 'Save' and 'ExportImage' methods. If an attacker can
trick a user on the affected host into viewing a specially crafted
HTML document, the attacker can leverage this issue to overwrite
arbitrary files on the affected system, subject to the user's privileges.

See also :

http://mdn.morovia.com/manuals/bax3/Barcode-ActiveX-Release-Notes.htm

Solution :

Upgrade to Morovia Barcode ActiveX 3.6.0 or later.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:C)
CVSS Temporal Score : 6.7
(CVSS2#E:POC/RL:W/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 35953

Bugtraq ID: 23934

CVE ID: CVE-2007-2644
