6 matches found
EUVD-2008-6466
Malware in sbrugna...
CVE-2008-6496
Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0.200.0 in VISAGESOFT eXPert PDF EditorX allows remote attackers to create or overwrite arbitrary files via the first argument to the extractPagesToFile method...
Security feature bypass
Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0.200.0 in VISAGESOFT eXPert PDF EditorX allows remote attackers to create or overwrite arbitrary files via the first argument to the extractPagesToFile method...
CVE-2008-6496
CVE-2008-6496 affects VISAGESOFT eXPert PDF EditorX (VSPDFEditorX.ocx 1.0.200.0). The VSPDFEdit ActiveX control exposes extractPagesToFile’s first argument, allowing remote attackers to create or overwrite arbitrary files. Documented impact is arbitrary file overwrite; no remediation details are ...
CVE-2008-6496
Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0.200.0 in VISAGESOFT eXPert PDF EditorX allows remote attackers to create or overwrite arbitrary files via the first argument to the extractPagesToFile method...
eXPert PDF EditorX ActiveX控件任意文件覆盖漏洞
BUGTRAQ ID: 32664 eXPert PDF Viewer是为windows应用开发人员设计的可嵌入式PDF查看器。 VSPDFEditorX.VSPDFEdit ActiveX控件(VSPDFEditorX.ocx)所提供的extractPagesToFile方式没有正确地验证用户所提交的Filename和PagesRange参数,如果用户受骗访问了恶意网页并传送了恶意参数的话,就可能向用户系统保存或覆盖任意文件。 Visagesoft eXPert PDF Viewer ActiveX 1.0.200.0 临时解决方法: 为CLSID...