2 matches found
CVE-2007-4061
CVE-2007-4061 : Directory traversal via .. in the Nessus ScanCtrl ActiveX (SCANCTRL.ScanCtrlCtrl.1 in scan.dll) allows remote creation/overwrite of arbitrary files through saveNessusRC, potentially enabling code execution by writing to a Startup folder. Affected product: Nessus Vulnerability Scan...
Nessus Windows < 3.0.6.1 ScanCtrl ActiveX Multiple Method File Manipulation
The remote host contains the ScanCtrl ActiveX control, a part of Nessus for Windows. The version of the ScanCtrl ActiveX control, installed as part of Nessus for Windows on the remote host, fails to validate input to several methods. If an attacker can trick a user on the affected host into...