Vulnerabilities > CVE-2008-6442 - Unspecified vulnerability in Sina Dloader

047910
CVSS 5.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
sina
exploit available
NVD
Published: 2009-03-09
Updated: 2017-08-17

Summary

Insecure method vulnerability in Sina Inc. DLoader Class ActiveX Control allows remote attackers to overwrite arbitrary files via a URL in the first parameter to the DonwloadAndInstall method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part Description Count
Application
Sina
1

Exploit-Db

descriptionSina DLoader Class ActiveX Control 'DonwloadAndInstall' Method Arbitrary File Download Vulnerability. CVE-2008-6442. Remote exploit for windows platform
idEDB-ID:32052
last seen2016-02-03
modified2008-07-14
published2008-07-14
reporterSymantec
sourcehttps://www.exploit-db.com/download/32052/
titleSina DLoader Class ActiveX Control 'DonwloadAndInstall' Method Arbitrary File Download Vulnerability

References