2 matches found
Nessus Windows < 3.0.6.1 ScanCtrl ActiveX Multiple Method File Manipulation
The remote host contains the ScanCtrl ActiveX control, a part of Nessus for Windows. The version of the ScanCtrl ActiveX control, installed as part of Nessus for Windows on the remote host, fails to validate input to several methods. If an attacker can trick a user on the affected host into...
CVE-2007-4031
CVE-2007-4031 affects Nessus Vulnerability Scanner for Windows prior to 3.0.6.1, in the ScanCtrl ActiveX control (SCANCTRL.ScanCtrlCtrl.1 in scan.dll). The flaw allows directory traversal: an attacker who lures a user to a crafted page can cause deleteReport to send a .. path, enabling deletion o...