CVE-2009-0134

EasyGrid ActiveX <3.51 - DoS

Title source: llm

Description

Insecure method vulnerability in the EasyGrid.SGCtrl.32 ActiveX control in EasyGrid.ocx 1.0.0.1 in AAA EasyGrid ActiveX 3.51 allows remote attackers to create and overwrite arbitrary files via the (1) DoSaveFile or (2) DoSaveHtmlFile method. NOTE: vector 1 could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Houssamix · htmlremotewindows

https://www.exploit-db.com/exploits/7779

View Code ZIP pw:eip

References (5)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/47946

[Exploit] http://www.securityfocus.com/bid/33272

[Vendor Advisory] http://secunia.com/advisories/33537

[Third Party Advisory] http://securityreason.com/securityalert/4913

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/7779

Scores

EPSS 0.1295

EPSS Percentile 94.1%

Details

Status published

Products (1)

share2/easy_grid_control 3.51

Published Jan 16, 2009

Tracked Since Feb 18, 2026