CVE-2009-1064
CVE-2009-1064 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:P
Argument injection vulnerability in orbitmxt.dll 2.1.0.2 in the Orbit Downloader 2.8.7 and earlier ActiveX control allows remote attackers to overwrite arbitrary files via whitespace and a command-line switch, followed by a full pathname, in the third argument to the download method.
Learn more about our Web Application Penetration Testing UK.