Security Advisory

CVE-2008-1885

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2008-04-18 15:00:00

Last updated 2024-08-07 08:40:59

Assigner mitre

State PUBLISHED

Description

Directory traversal vulnerability in the NeffyLauncher 1.0.5 ActiveX control (NeffyLauncher.dll) in CDNetworks Nefficient Download allows remote attackers to download arbitrary code onto a client system via a .. (dot dot) in the SkinPath parameter and a .zip URL in the HttpSkin parameter. NOTE: this can be leveraged for code execution by writing to a Startup folder.

← Browse all CVEs View on cve.org ↗