Flexera AdminStudio LaunchProcess Function ActiveX Control Remote Command Execution

The remote host has the Flexera AdminStudio LaunchHelp ActiveX control installed. The control is affected by a remote command execution vulnerability that can be triggered by sending a directory traversal string to the 'LaunchProcess' function. By tricking a victim into visiting a specially craft...

CVE-2011-2657

Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management ZCM 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the firs...

Directory traversal

Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management ZCM 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the firs...

CVE-2011-2657

Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management ZCM 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the firs...

CVE-2011-2657

CVE-2011-2657 affects the AdminStudio LaunchHelp.dll ActiveX control (LaunchHelp.HelpLauncher.1) used by Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1. The vulnerability arises in the LaunchProcess() function where a directory traversal string supplied as the first argumen...

Novell ZENworks LaunchHelp.dll ActiveX Control LaunchProcess Code Execution

Added: 11/14/2011 CVE: CVE-2011-2657 BID: 50274 OSVDB: 76700 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a...

Symantec AutoFix支持工具SYMADATA.DLL控件多个安全漏洞

BUGTRAQ ID: 28507,28509 CVECAN ID: CVE-2008-0312,CVE-2008-0313 Symantec AutoFix是一些Norton产品中所使用的用于排除Symantec客户端产品中问题的工具。 AutoFix支持工具中所捆绑的ActiveX控件（SYMADATA.DLL）实现上存在漏洞，远程攻击者可能利用此漏洞控制用户系统。 控件为： Clsid：3451DEDE-631F-421c-8127-FD793AFC6CC8 文件：C:\PROGRA1\COMMON1\SYMANT1\SUPPOR1\SymAData.dll Version...