Vulnerabilities > CVE-2004-2663 - Unspecified vulnerability in IBM Egatherer 2.0.0.16
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The (1) SetDebugging and (2) RunEgatherer methods in IBM Access Support eGatherer ActiveX control 2.0.0.16 allow remote attackers to create files with arbitrary content, as demonstrated by creating a .hta file in a Startup folder.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://marc.info/?l=bugtraq&m=108746693619324&w=2
- http://marc.info/?l=bugtraq&m=108746693619324&w=2
- http://marc.info/?l=full-disclosure&m=108741557604568&w=2
- http://marc.info/?l=full-disclosure&m=108741557604568&w=2
- http://research.eeye.com/html/advisories/published/AD20040615B.html
- http://research.eeye.com/html/advisories/published/AD20040615B.html
- http://secunia.com/advisories/11072
- http://secunia.com/advisories/11072
- http://www.eeye.com/html/research/advisories/AD20040615B.html
- http://www.eeye.com/html/research/advisories/AD20040615B.html
- http://www.osvdb.org/7090
- http://www.osvdb.org/7090
- http://www.securityfocus.com/bid/10562
- http://www.securityfocus.com/bid/10562
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16428
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16428