4 matches found
Double free
Double free vulnerability in Web TransferCtrl Class 8,2,1,4 iManFile.cab, as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null...
CVE-2008-1617
Double free vulnerability in Web TransferCtrl Class 8,2,1,4 iManFile.cab, as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null...
Code injection
The Web TransferCtrl Class 8,2,1,4 iManFile.cab, as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to cause a denial of service memory consumption via a large number of SendNrlLink directives, which opens a separate window for each directive...
CVE-2008-1617
CVE-2008-1617 describes a double-free vulnerability in Interwoven WorkSite 8.2 Web components, specifically the Web TransferCtrl Class ActiveX control (iManFile.cab). The flaw occurs in handling the Server property of the control, allowing a remote attacker to execute arbitrary code by setting th...