Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple unspecified vulnerabilities in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to create or overwrite arbitrary files via unspecified arguments to the (1) httpGETToFile, (2) httpPOSTFromFile, and possibly other methods, probably involving path traversal vulnerabilities in exposed dangerous methods. NOTE: this can be leveraged for code execution by writing to a Startup folder.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Intuit QuickBooks Online Edition ActiveX控件栈缓冲区溢出漏洞
Vulnerability Description
QuickBooks Online Edition是一款在线财务软件。 如果用户受骗打开了恶意HTML文档的话,QuickBooks Online Edition ActiveX控件的httpGETToFile()和httpPOSTFromFile()方式可能会向用户系统中任意位置下载或上传文件;其他一些方式中可能还会触发栈溢出,导致执行任意指令。
CVSS Information
N/A
Vulnerability Type
N/A