And probably not the last vendor - reported by this US-CERT team member:
http://secunia.com/search/?search=Will+Dormann+activex&sort_by=date
- Juha-Matti
[EMAIL PROTECTED] wrote:
Seesh. Another big software vendor places a backdoor on their customers
computers that the bad guys can use also.
Richard
http://www.kb.cert.org/vuls/id/979638
Intuit QuickBooks Online Edition is a version of QuickBooks that is implemented
as an ActiveX control.
This ActiveX control contains several dangerous methods, such as
httpGETToFile() and httpPOSTFromFile(). These methods can be used to download
or upload files in arbitrary locations.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
