BlooMooWeb ActiveX control (AidemATL.dll) allows remote malicious users to (1) download arbitrary files via a URL in the bstrUrl parameter to the BW_DownloadFile method, (2) execute arbitrary local files via a file path in the bstrParams parameter to the BW_LaunchGame method, and (3) delete arbitrary files via a file path in the filePath parameter to the BW_DeleteTempFile method.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
studio achtundachtzig bloomooweb activex control 1.0.9 |