Home / os / solaris

OpenWGA Developer Studio 3.1.0 OpenDialog Arbitrary Code Execution

Posted on 30 November -0001

<HTML><HEAD><TITLE>OpenWGA Developer Studio 3.1.0 OpenDialog Arbitrary Code Execution</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>OpenWGA Developer Studio 3.1.0 OpenDialog Arbitrary Code Execution Vendor: Innovation Gate GmbH Product web page: https://www.openwga.com Affected version: 3.1.0.r00147 Summary: The OpenWGA Developer Studio packages an OpenWGA CMS server together with all necessary development and deployment tools to create, develop, deploy, share and maintain your OpenWGA CMS applications. Desc: The application suffers from an arbitrary code execution vulnerability when using the File OpenDialog box enabling the attacker to execute any binary he or she chooses including elevation of privileges. Tested on: Microsoft Windows 7 Professional SP1 (EN) Microsoft Windows 7 Ultimate SP1 (EN) Java/1.8.0.77-b03 Vulnerability discovered by Gjoko 'LiquidWorm' Krstic @zeroscience Advisory ID: ZSL-2016-5317 Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5317.php 23.02.2016 -- From the menu: File > Open > "c:windowssystem32calc.exe" </BODY></HTML>

 

TOP