CyberSec.Space Logo
返回 CVE 浏览器

CVE-2010-2584

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0500%
EPSS Percentile12.61th
Published2010年10月26日
Last Modified2026年4月29日

Vulnerability Description

The Upload method in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls does not properly restrict certain property values, which allows remote attackers to read arbitrary files via a filename in the SourceFile property in conjunction with an http URL in the DestURL property.

Affected Platforms (CPE)

📦
Realpage

Module Activex Controls

= 1.0.0.9

References & Advisories

🔗 http://secunia.com/advisories/41392
🔗 http://secunia.com/secunia_research/2010-118/
🔗 http://www.osvdb.org/68813
🔗 http://www.securityfocus.com/bid/44302
🔗 http://secunia.com/advisories/41392
🔗 http://secunia.com/secunia_research/2010-118/
🔗 http://www.osvdb.org/68813
🔗 http://www.securityfocus.com/bid/44302

相关漏洞威胁

CVE-2007-293810.0

Buffer overflow in the BaseRunner ActiveX control in the Ademco ATNBaseLoader100 Module (ATNBaseLoader100.dll) 5.4.0.6, when Inter...

CVE-2007-172210.0

Buffer overflow in the DownloadCertificateExt function in SignKorea SKCommAX ActiveX control module 7.2.0.2 and 3280 6.6.0.1 allow...

CVE-2007-195510.0

Multiple stack-based buffer overflows in the SignKorea SKCrypAX ActiveX control module 5.4.1.2 allow remote attackers to execute a...

CVE-2008-044310.0

Heap-based buffer overflow in the FileUploader.FUploadCtl.1 ActiveX control in FileUploader.dll 2.0.0.2 in Lycos FileUploader Modu...

CVE-2010-2584 Detail & Impact Analysis | CVSS 5.0 (MEDIUM) | Cyber-Sec.Space | Cyber-Sec.Space