McAfee Virtual Technician MVTControl 6.3.0.1911 - GetObject (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "McAfee Virtual...

McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability

This module exploits a vulnerability found in McAfee Virtual Technician's MVTControl. This ActiveX control can be abused by using the GetObject function to load additional unsafe classes such as WScript.Shell, therefore allowing remote code execution under the context of the user. This module...

Несанкционированный доступ через GetObject() в Microsoft Internet Explorer (unauthorized access)

Через функцию GetOBject можно получить доступ к локальным файлам...

CVE-2001-0149

CVE-2001-0149 affects Windows Scripting Host in Internet Explorer 5.5 and earlier. The vulnerability allows remote attackers to read arbitrary files through the GetObject JavaScript function and the htmlfile ActiveX object. Affected product: Internet Explorer on Windows (older IE versions). Root ...