RSS   Vulnerabilities for 'Trendlink'   RSS

2013-04-16
 
CVE-2012-3022

CWE-264
 

 
The SaveToFile method in a certain ActiveX control in TrendDisplay.dll in Canary Labs TrendLink 9.0.2.27051 and earlier does not properly restrict the creation of files, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a crafted web site.

 

 >>> Vendor: Canarylabs 2 Products
Trendlink
Trendweb


Copyright 2024, cxsecurity.com

 

Back to Top