Описание
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not properly implement the Add method, which allows remote attackers to execute arbitrary code via a memory address in the first argument, related to an "uninitialized pointer."
Ссылки
- Exploit
- Exploit
- Exploit
- Vendor Advisory
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Vendor Advisory
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 10.4.0.853 (включая)
Одно из
cpe:2.3:a:quest:intrust:*:*:*:*:*:*:*:*
cpe:2.3:a:quest:intrust:10.1:*:*:*:*:*:*:*
cpe:2.3:a:quest:intrust:10.2.5:*:*:*:*:*:*:*
cpe:2.3:a:quest:intrust:10.3:*:*:*:*:*:*:*
cpe:2.3:a:quest:intrust:10.4:*:*:*:*:*:*:*
EPSS
Процентиль: 99%
0.81342
Высокий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not properly implement the Add method, which allows remote attackers to execute arbitrary code via a memory address in the first argument, related to an "uninitialized pointer."
EPSS
Процентиль: 99%
0.81342
Высокий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other