Wednesday, 24 February 2010

EMC HomeBase Arbitrary File Upload Remote Code Execution Vulnerability

TippingPoint's Zero Day Initiative (ZDI) has published an advisory for a remote pre authentication arbitrary file upload vulnerability in EMC HomeBase which leads to arbitrary code execution. This vulnerability was discovered by Stephen Fewer of Harmony Security.

You can read the full ZDI advisory here:
http://www.zerodayinitiative.com/advisories/ZDI-10-020/

No comments: