Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Argument injection vulnerability in orbitmxt.dll 2.1.0.2 in the Orbit Downloader 2.8.7 and earlier ActiveX control allows remote attackers to overwrite arbitrary files via whitespace and a command-line switch, followed by a full pathname, in the third argument to the download method.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Orbit Downloader ActiveX控件download()方式任意文件删除漏洞
Vulnerability Description
Orbit Downloader是用于从视频共享网站下载流媒体的下载管理器。 Orbit Downloader ActiveX控件(CLSID:{3F1D494B-0CEF-4468-96C9-386E2E4DEC90},ProgID:Orbitmxt.Orbit)没有正确地对download()方式所传送的输入参数做检查,如果用户受骗访问了恶意网页并向该方式传送了恶意参数的话,就可能导致删除任意系统文件。
CVSS Information
N/A
Vulnerability Type
N/A