Easy Grid ActiveX控件任意文件覆盖漏洞

BUGTRAQ ID: 33272 Easy Grid ActiveX控件是用于打印、预览表格、图标、公式、表达式的工具。 EasyGrid.SGCtrl.32 ActiveX控件（EasyGrid.ocx）没有安全地调用DoSaveFile方式，如果用户受骗访问了恶意网页并向该方式传送了特制参数的话，就会导致向用户系统写入任意文件。 Easy Grid Control Team Easy Grid ActiveX 3.51 厂商补丁： Easy Grid Control Team ----------------------...

CVE-2008-5404

Insecure method vulnerability in the FlexCell.Grid ActiveX control in FlexCell.ocx 5.7.0.1 in FlexCell Grid ActiveX Component allows remote attackers to create and overwrite arbitrary files via the HttpDownloadFile method. NOTE: this could be leveraged for code execution by creating executable...

FlexCell Grid ActiveX控件任意文件覆盖漏洞

BUGTRAQ ID: 32443 FlexCell Grid ActiveX控件是一款表格控制工具，提供拷贝、拷贝预览、图表、合并单元格等全面功能。 FlexCell Grid ActiveX控件（FlexCell.ocx）没有正确地验证对HttpDownloadFile方式的输入参数，如果远程攻击者受骗访问了恶意网站并向该方式传送了特制参数的话，就可能导致以当前登录用户的权限覆盖任意系统文件。 FlexCell Technologies FlexCell Grid ActiveX 5.7.0.1 FlexCell Technologies ---------------------...

Yahoo Music Jukebox MediaGrid ActiveX buffer overflow

Added: 02/11/2008 CVE: CVE-2008-0625 BID: 27578 OSVDB: 41051 Background Yahoo! Music Jukebox is a music player capable of playing, ripping, and burning MP3s and CDs, creating and sharing playlists, streaming radio stations, and purchasing music. Problem A buffer overflow vulnerability in the...