CVE-2009-0465
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2009-0465
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The SaveDoc method in the All_In_The_Box.AllBox ActiveX control in ALL_IN_THE_BOX.OCX in Synactis ALL In-The-Box ActiveX 3 allows remote attackers to create and overwrite arbitrary files via an argument ending in a '\0' character, which bypasses the intended .box filename extension, as demonstrated by a C:\boot.ini\0 argument.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Synactis ALL In-The-Box ActiveX 'All_In_The_Box.AllBox ActiveX'控件任意文件重写漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Synactis ALL In-The-Box是一款功能强大的开发工具。 Synactis ALL In-The-Box ActiveX 3版本的ALL_IN_THE_BOX.OCX里的All_In_The_Box.AllBox ActiveX控件中的SaveDoc方式允许远程攻击者借助一个以"'\0'"字符结尾的自变量,创建和重写任意文件。该自变量会绕过设置的.box文件扩展名,比如C:\boot.ini\0自变量。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2009-0465
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2009-0465
Please Login to view more intelligence information
- http://www.dsecrg.com/pages/vul/show.php?id=62x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2009-0465
Same Patch Batch · n/a · 2009-02-06 · 50 CVEs total
| CVE-2008-6073 | Magic2003 StorageCrypt加密问题漏洞 | |
| CVE-2009-0461 | Whole Hog Password Protect: Enhanced 'adminid cookie'身份认证绕过和权限提升漏洞 | |
| CVE-2009-0466 | Vivvo 404出错页 跨站脚本攻击漏洞 | |
| CVE-2009-0467 | Armorlogic Profense 'proxy.html'跨站请求伪造和跨站脚本攻击漏洞 | |
| CVE-2009-0468 | Armorlogic Profense 'ajax.html'多个跨站请求伪造和跨站脚本攻击漏洞 | |
| CVE-2009-0469 | Futomi's CGI Cafe Search CGI安全漏洞 | |
| CVE-2009-0417 | Agavi 多个跨站脚本攻击漏洞 | |
| CVE-2009-0464 | Groonesworld Groone Groone GBook includes/header.php 'abspath'远程文件包含漏洞 | |
| CVE-2009-0457 | Magtrb AJA Portal Contact_Plus&Reviews modules 'Reviews modules'和本地文件包含漏洞 | |
| CVE-2009-0456 | Sourdough 'examples/example_clientside_javascript.php' 远程文件包含漏洞 | |
| CVE-2009-0458 | Whole Hog ware Support 'admin/login_submit.php' SQL注入漏洞 | |
| CVE-2008-6072 | GraphicsMagick 多个未明拒绝服务漏洞 | |
| CVE-2008-6071 | GraphicsMagick 程序pict.c函数 DecodeImage多个堆溢出及拒绝服务漏洞 | |
| CVE-2008-6070 | GraphicsMagick 程序palm.c函数ReadPALMImage 多个堆溢出及拒绝服务漏洞 | |
| CVE-2008-6069 | 123Flashchat E107 eChat插件'e107chat.php' SQL注入漏洞 | |
| CVE-2008-6068 | Web_Design_Hero 'index.php' SQL注入漏洞 | |
| CVE-2008-6085 | F-Secure RPM文件解析整数溢出漏洞 | |
| CVE-2008-6084 | .Matteoiammarrone Iamma Nuke Simple Gallery 'upload.php ' 任意文件上传漏洞 | |
| CVE-2008-6083 | TXTshop 'header.php' 目录遍历漏洞 | |
| CVE-2008-6082 | Southrivertech Titan FTP Server SITE WHO命令远程拒绝服务漏洞 |
Showing top 20 of 50 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2009-0465
No comments yet