CVE-2008-1725

Published: 11/04/2008 Updated: 29/09/2017

CVSS v2 Base Score: 9 | Impact Score: 9.5 | Exploitability Score: 8.6

VMScore: 905

Vector: AV:N/AC:M/Au:N/C:P/I:C/A:C

The IBizEBank.FIProfile.1 ActiveX control in fiprofile20.ocx in IBiz E-Banking Integrator (formerly IBiz OFX Integrator) 2.0.2932 exposes the unsafe WriteOFXDataFile method, which allows remote malicious users to overwrite arbitrary files via a full pathname in the argument. NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
nsoftware ibiz e-banking integrator 2.0.2932

-------------------------------------------------------------------- IBiz E-Banking Integrator V2 ActiveX Edition Insecure Method Author: shinnai mail: shinnai[at]autistici[dot]org site: shinnaialtervistaorg This was written for educational purpose Use it at your own risk Author will be not responsible for any damage More info ...

NVD-CWE-Other http://www.securityfocus.com/bid/28700 http://secunia.com/advisories/29758 http://www.osvdb.org/44393 https://exchange.xforce.ibmcloud.com/vulnerabilities/41752 https://www.exploit-db.com/exploits/5416 https://nvd.nist.gov https://www.exploit-db.com/exploits/5416/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-1725

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect