Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft File Transfer Manager远程任意文件上传/下载漏洞
Vulnerability Description
文件传输管理程序(File Transfer Manager (FTM))用于Microsoft beta程序测试员,MSDN,Microsoft Volume Licensing服务等从Microsoft站上下载软件。 文件传输管理程序(FTM)ActiveX控件中的"Persist"函数对部分参数存在问题,远程攻击者可以利用这个漏洞在用户系统中上传/下载任意文件。 文件传输管理程序(FTM)ActiveX控件在调用"Persist"对"TGT="和"TGN="参数的值缺少正确检查,可以导致在不需要用户
CVSS Information
N/A
Vulnerability Type
N/A