FlexCell Grid FlexCell.Grid ActiveX Control Multiple Method Arbitrary File Overwrite

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an ActiveX control that allows overwriting
arbitrary files.

Description :

The remote host contains the FlexCell.Grid ActiveX control, a
component of the FlexCell grid control software.

The version of the control installed on the remote host reportedly
fails to validate input to the 'File' argument of the 'SaveFile' and
'ExportToXML' methods before writing to the specified filename.

If an attacker can trick a user on the affected host into viewing a
specially crafted HTML document, this issue could be leveraged to
create or overwrite arbitrary files on the affected system subject to
the user's privileges.

See also :

http://www.grid2000.com/news.html#activex

Solution :

Upgrade to FlexCell Grid Control 5.8.0 or later.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:C)
CVSS Temporal Score : 6.1
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 41945 (flexcell_grid_control_activex_5_8_0.nasl)

Bugtraq ID: 33453

CVE ID: CVE-2009-0301

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now