6 matches found
EUVD-2008-4898
Malware in sbrugna...
eXPert PDF EditorX ActiveX控件任意文件覆盖漏洞
BUGTRAQ ID: 32664 eXPert PDF Viewer是为windows应用开发人员设计的可嵌入式PDF查看器。 VSPDFEditorX.VSPDFEdit ActiveX控件(VSPDFEditorX.ocx)所提供的extractPagesToFile方式没有正确地验证用户所提交的Filename和PagesRange参数,如果用户受骗访问了恶意网页并传送了恶意参数的话,就可能向用户系统保存或覆盖任意文件。 Visagesoft eXPert PDF Viewer ActiveX 1.0.200.0 临时解决方法: 为CLSID...
CVE-2008-4919
Insecure method vulnerability in VISAGESOFT eXPert PDF Viewer X ActiveX control VSPDFViewerX.ocx 3.0.990.0 allows remote attackers to overwrite arbitrary files via a full pathname to the savePageAsBitmap method...
Security feature bypass
Insecure method vulnerability in VISAGESOFT eXPert PDF Viewer X ActiveX control VSPDFViewerX.ocx 3.0.990.0 allows remote attackers to overwrite arbitrary files via a full pathname to the savePageAsBitmap method...
CVE-2008-4919
Insecure method vulnerability in VISAGESOFT eXPert PDF Viewer X ActiveX control VSPDFViewerX.ocx 3.0.990.0 allows remote attackers to overwrite arbitrary files via a full pathname to the savePageAsBitmap method...
CVE-2008-4919
Product affected: Visagesoft eXPert PDF Viewer ActiveX Control (VSPDFViewerX.ocx) 3.0.990.0. Vulnerability: ActiveX Control based file overwrite vulnerability that allows a remote attacker to overwrite arbitrary files by supplying a full pathname to the savePageAsBitmap method. Root cause / vecto...