CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-06-05 10:48:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
6cd0d0806c9bf647d01eb3deca931ca47bebcbc7
CVEs-PoC/2008/CVE-2008-1617.md
T
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

18 lines
809 B
Markdown
Raw Blame History

### [CVE-2008-1617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1617)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brightgreen)
### Description
Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null.
### POC
#### Reference
- http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf
#### Github
No PoCs found on GitHub currently.
Reference in New Issue View Git Blame Copy Permalink