6 matches found
TVUPlayer PlayerOcx控件不安全方式调用漏洞
TVUPlayer是一款免费的网络电视软件。 TVUPlayer所安装的PlayerOcx控件没有正确地验证传送给LangFileName方式的调用参数,用户受骗访问了恶意网页并向该方式传送了特制参数就会导致覆盖系统上的任意非隐藏文件。 TuvNetworks TVUPlayer 2.4.9 beta1build 1797 临时解决方法: 为clsid 18E6ED0D-08D1-4ED5-8771-E72B4E6EFFD8设置kill bit。 厂商补丁: TuvNetworks -----------...
TVUPlayer ActiveX code execution
Insecure method allows local files access...
[DSECRG-09-065] TVUPlayer PlayerOcx.ocx ActiveX - Insecure method
ActiveX component contains insecure method that can overwrite any file in system Digital Security Research Group DSecRG Advisory DSECRG-09-065 Application: TVUPlayer Versions Affected: Tested on v2.4.9beta1build1797 Vendor URL: www.tvunetworks.com Bugs: insecure method, File overwriting Exploits:...
TVUPlayer 2.4.9beta1 Active-X Insecure Method
DSECRG-09-065 TuvNetworks TVUPlayer ActiveX component - Insecure method TVUPlayer contains ActiveX component PlayerOcx which contains insecure method that can overwrite any unhidden file in the system. Application: TVUPlayer Versions Affected: Tested on v2.4.9beta1build1797 Vendor URL:...
TVUPlayer 2.4.4.9beta1 - PlayerOcx.ocx ActiveX Control Arbitrary File Overwrite
TVUPlayer 2.4.4.9beta1 - PlayerOcx.ocx ActiveX Control Arbitrary File Overwrite source: https://www.securityfocus.com/bid/39956/info TVUPlayer ActiveX control is prone to a vulnerability that lets attackers overwrite arbitrary local files on the victim's computer in the context of the vulnerable...
TVUPlayer 2.4.4.9beta1 - 'PlayerOcx.ocx' ActiveX Control Arbitrary File Overwrite
source: https://www.securityfocus.com/bid/39956/info TVUPlayer ActiveX control is prone to a vulnerability that lets attackers overwrite arbitrary local files on the victim's computer in the context of the vulnerable application, typically Internet Explorer, using the ActiveX control. TVUPlayer...