Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allow remote attackers to execute arbitrary code via a long (1) serverAddress, (2) sessionId, (3) clientIPLower, (4) clientIPHigher, (5) userName, (6) domainName, or (7) dnsSuffix Unicode property value. NOTE: the AddRouteEntry vector is covered by CVE-2007-5603.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SonicWALL SSL VPN客户端ActiveX控件多个安全漏洞
Vulnerability Description
SonicWALL SSL-VPN可以为企业网络提供简单易用的VPN解决方案。 SonicWALL SSL-VPN的ActiveX控件实现上存在多个安全漏洞,远程攻击者可能利用这些漏洞控制用户系统。 SonicWALL SSL-VPN解决方案所安装的WebCacheCleaner ActiveX控件的FileDelete()方式没有正确地验证某些参数,允许攻击者删除客户端上的任意文件;此外NELaunchCtrl ActiveX控件的AddRouteEntry()方式在处理第二个参数时未经长度检查便拷贝到
CVSS Information
N/A
Vulnerability Type
N/A