Full Disclosure mailing list archives

Re: OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability

From: Źmicier Januszkiewicz <gauri () tut by>
Date: Wed, 16 Oct 2013 19:31:38 +0200

The file include web vulnerability via POST request method


The what now?..

Successful exploitation of the vulnerability results in unauthorized local file
and path requests to compromise the device or application.


How exactly does uploading an image result in "compromise the device
or application" ?

Z.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability Vulnerability Lab (Oct 15)
- Re: OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability Źmicier Januszkiewicz (Oct 16)