The Upload method in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls does not properly restrict certain property values, which allows remote attackers to read arbitrary files via a filename in the SourceFile property in conjunction with an http URL in the DestURL property.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: flexera
Published: 2010-10-26T18:00:00Z
Updated: 2024-09-16T20:37:02.746Z
Reserved: 2010-07-01T00:00:00Z
Link: CVE-2010-2584
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2010-10-26T19:00:02.627
Modified: 2010-10-28T04:00:00.000
Link: CVE-2010-2584
Redhat
No data.