RSS   Vulnerabilities for 'Intrust'   RSS

2012-11-17
 
CVE-2012-5897

 

 
The (1) SimpleTree and (2) ReportTree classes in the ARDoc ActiveX control (ARDoc.dll) in Quest InTrust 10.4.0.853 and earlier do not properly implement the SaveToFile method, which allows remote attackers to write or overwrite arbitrary files via the bstrFileName argument.

 
 
CVE-2012-5896

CWE-DesignError
 

 
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not properly implement the Add method, which allows remote attackers to execute arbitrary code via a memory address in the first argument, related to an "uninitialized pointer."

 

 >>> Vendor: Quest 9 Products
Toad for data analysts
Intrust
Privilege manager
Privilege manager for unix
Kace asset management appliance
Kace systems management appliance
K1000 as a service
Netvault backup
Kace system management appliance


Copyright 2019, cxsecurity.com

 

Back to Top