CVE-2012-5897 in InTrustinformazioni

Riassunto

di MITRE

The (1) SimpleTree and (2) ReportTree classees in the ARDoc ActiveX control (ARDoc.dll) in Quest InTrust 10.4.0.853 and earlier do not properly implement the SaveToFile method, which allows remote attackers to write or overwrite arbitrary files via the bstrFileName argument.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

17/11/2012

Divulgazione

17/11/2012

Moderazione

accettato

Voce

VDB-62943

CPE

pronto

CWE

CWE-264 (confermato)

Sfruttamento

Scaricare

CVSS

9.3 (NVD)

EPSS

0.03826

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-5897
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-5897
CVE Details	https://www.cvedetails.com/cve/CVE-2012-5897/

◂ Precedente Visione D'ensemble Il prossimo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!