CVE-2009-2169
published 2009-06-22CVE-2009-2169: Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) in Edraw PDF Viewer Component before 3.2.0.126 allows remote…
PriorityP348critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
4.50%
90.3th percentile
Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) in Edraw PDF Viewer Component before 3.2.0.126 allows remote attackers to create and overwrite arbitrary files via a URL argument to the FtpConnect argument and a target filename argument to the FtpDownloadFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| edraw | pdf_viewer_component | <= 3.2.0 | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jjxh-2wf9-5qv2: Insecure method vulnerability in the PDFVIEWER
ghsa_unreviewed·2022-05-02
CVE-2009-2169 [HIGH] CWE-94 GHSA-jjxh-2wf9-5qv2: Insecure method vulnerability in the PDFVIEWER
Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) in Edraw PDF Viewer Component before 3.2.0.126 allows remote attackers to create and overwrite arbitrary files via a URL argument to the FtpConnect argument and a target filename argument to the FtpDownloadFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder.
Red Hat
kernel: net/mlx5: DPLL, Fix possible use after free after delayed work timer triggers
vendor_redhat·2024-04-03·CVSS 7.8
CVE-2024-26724 [HIGH] CWE-416 kernel: net/mlx5: DPLL, Fix possible use after free after delayed work timer triggers
kernel: net/mlx5: DPLL, Fix possible use after free after delayed work timer triggers
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: DPLL, Fix possible use after free after delayed work timer triggers
I managed to hit following use after free warning recently:
[ 2169.711665] ==================================================================
[ 2169.714009] BUG: KASAN: slab-use-after-free in __run_timers.part.0+0x179/0x4c0
[ 2169.716293] Write of size 8 at addr ffff88812b326a70 by task swapper/4/0
[ 2169.719022] CPU: 4 PID: 0 Comm: swapper/4 Not tainted 6.8.0-rc2jiri+ #2
[ 2169.720974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014
[ 2169.722457] Call Trace:
[ 2169.722756]
[ 2169.723024] dump_st
No detection rules found.
No writeups or analysis indexed.
2009-06-22
Published