The Upload method in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls does not properly restrict certain property values, which allows remote attackers to read arbitrary files via a filename in the SourceFile property in conjunction with an http URL in the DestURL property.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: flexera
Published: 2010-10-26T18:00:00Z
Updated: 2024-09-16T20:37:02.746Z
Reserved: 2010-07-01T00:00:00Z
Link: CVE-2010-2584

No data.

Status : Modified
Published: 2010-10-26T19:00:02.627
Modified: 2024-11-21T01:16:57.173
Link: CVE-2010-2584

No data.