Arbitrary File Creation Vulnerability in IBM Access Support eGatherer ActiveX Control 2.0.0.16

Arbitrary File Creation Vulnerability in IBM Access Support eGatherer ActiveX Control 2.0.0.16

CVE-2004-2663 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The (1) SetDebugging and (2) RunEgatherer methods in IBM Access Support eGatherer ActiveX control 2.0.0.16 allow remote attackers to create files with arbitrary content, as demonstrated by creating a .hta file in a Startup folder.

Learn more about our Cis Benchmark Audit For Ibm I.