Lucene search
K

3 matches found

Prion
Prion
added 2007/09/14 1:17 a.m.38 views

Directory traversal

Absolute directory traversal vulnerability in a certain ActiveX control in the VB To VSI Support Library VBTOVSI.DLL 1.0.0.0 in Microsoft Visual Studio 6.0 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveAs method. NOTE: contents can b...

5.8CVSS7.1AI score0.1636EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2007/09/14 1:0 a.m.54 views

CVE-2007-4890

CVE-2007-4890 affects the VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 within Microsoft Visual Studio 6.0. The vulnerability is an absolute directory traversal in the SaveAs method that allows remote attackers to create or overwrite arbitrary files via a full pathname; the Load method can copy...

5.8CVSS6.6AI score0.1636EPSS
Exploits0References5Affected Software1
seebug.org
seebug.org
added 2007/09/14 12:0 a.m.20 views

Microsoft Visual Studio VB To VSI支持库ActiveX控件任意文件覆盖漏洞

BUGTRAQ ID: 25635 Microsoft Visual Studio是微软公司的开发工具套件系列产品,是一个基本完整的开发工具集,包括了软件整个生命周期中所需要的大部分工具。 Visual Studio中所安装的VB To VSI支持库(VBTOVSI.DLL)没有正确的验证某些方式的输入参数,允许用户使用Load方式做为参数加载本地机器的文件,然后使用SaveAs方式将其保存到任意位置。 Microsoft Visual Studio 6.0 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...

6.9AI score
Exploits0
Rows per page
Query Builder