Vulnerabilities > CVE-2008-1725 - Unspecified vulnerability in Nsoftware Ibiz E-Banking Integrator 2.0.2932
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN nsoftware
exploit available
Summary
The IBizEBank.FIProfile.1 ActiveX control in fiprofile20.ocx in IBiz E-Banking Integrator (formerly IBiz OFX Integrator) 2.0.2932 exposes the unsafe WriteOFXDataFile method, which allows remote attackers to overwrite arbitrary files via a full pathname in the argument. NOTE: some of these details are obtained from third party information.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | IBiz E-Banking Integrator V2 ActiveX Edition Insecure Method Exploit. CVE-2008-1725. Remote exploit for windows platform |
| file | exploits/windows/remote/5416.html |
| id | EDB-ID:5416 |
| last seen | 2016-01-31 |
| modified | 2008-04-09 |
| platform | windows |
| port | |
| published | 2008-04-09 |
| reporter | shinnai |
| source | https://www.exploit-db.com/download/5416/ |
| title | IBiz E-Banking Integrator 2.0 - ActiveX Edition Insecure Method Exploit |
| type | remote |
References
- http://secunia.com/advisories/29758
- http://secunia.com/advisories/29758
- http://www.osvdb.org/44393
- http://www.osvdb.org/44393
- http://www.securityfocus.com/bid/28700
- http://www.securityfocus.com/bid/28700
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41752
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41752
- https://www.exploit-db.com/exploits/5416
- https://www.exploit-db.com/exploits/5416