Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Insecure method vulnerability in the FlexCell.Grid ActiveX control in FlexCell.ocx 5.7.0.1 in FlexCell Grid ActiveX Component allows remote attackers to create and overwrite arbitrary files via the HttpDownloadFile method. NOTE: this could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FlexCell Grid ActiveX控件任意文件覆盖漏洞
Vulnerability Description
FlexCell Grid ActiveX控件是一款表格控制工具,提供拷贝、拷贝预览、图表、合并单元格等全面功能。 FlexCell Grid ActiveX控件(FlexCell.ocx)没有正确地验证对HttpDownloadFile()方式的输入参数,如果远程攻击者受骗访问了恶意网站并向该方式传送了特制参数的话,就可能导致以当前登录用户的权限覆盖任意系统文件。
CVSS Information
N/A
Vulnerability Type
N/A