Unrated severityNVD Advisory· Published Oct 26, 2010· Updated Jun 16, 2026
CVE-2010-2584
CVE-2010-2584
Description
The Upload method in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage Module ActiveX Controls does not properly restrict certain property values, which allows remote attackers to read arbitrary files via a filename in the SourceFile property in conjunction with an http URL in the DestURL property.
Affected products
2cpe:2.3:a:realpage:module_activex_controls:1.0.0.9:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:realpage:module_activex_controls:1.0.0.9:*:*:*:*:*:*:*
- (no CPE)range: =1.0.0.9
Patches
Vulnerability mechanics
References
4- secunia.com/advisories/41392nvdVendor Advisory
- secunia.com/secunia_research/2010-118/nvdVendor Advisory
- www.osvdb.org/68813nvd
- www.securityfocus.com/bid/44302nvd
News mentions
0No linked articles in our index yet.