Evernote < 5.8.1 ActiveX Control Arbitrary File Overwrite

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an ActiveX control installed that is
affected by a file overwrite vulnerability.

Description :

The version of Evernote installed on the remote Windows host is prior
to 5.8.1. It is, therefore, affected by an arbitrary file overwrite
vulnerability in the EvernoteIE.dll ActiveX control due to using the
writeFileContent(), LoadFile(), and ReadFileContent() methods in an
insecure manner. A remote, unauthenticated attacker can exploit this
by tricking a user into opening a specially crafted web page, allowing
the attacker to read and overwrite arbitrary files.

See also :

https://discussion.evernote.com/topic/79359-evernote-for-windows-581/

Solution :

Upgrade to Evernote 5.8.1 or later. Alternatively, disable the ActiveX
control.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 85448 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now