Back to search
CVE-2006-5658
Published: Nov 3, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
BlooMooWeb ActiveX control (AidemATL.dll) allows remote attackers to (1) download arbitrary files via a URL in the bstrUrl parameter to the BW_DownloadFile method, (2) execute arbitrary local files via a file path in the bstrParams parameter to the BW_LaunchGame method, and (3) delete arbitrary files via a file path in the filePath parameter to the BW_DeleteTempFile method.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
bloomooweb-activex-command-execution(29968)
vdb-entry
x_refsource_XF
bloomooweb-bwdeletetempfile-dos(29997)
vdb-entry
x_refsource_XF
22666
third-party-advisory
x_refsource_SECUNIA
20827
vdb-entry
x_refsource_BID
ADV-2006-4294
vdb-entry
x_refsource_VUPEN
20061031 ActiveX security leaks in the TV owned web game platform
mailing-list
x_refsource_BUGTRAQ
1808
third-party-advisory
x_refsource_SREASON
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now