Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not properly implement the Add method, which allows remote attackers to execute arbitrary code via a memory address in the first argument, related to an "uninitialized pointer."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Quest InTrust ‘AnnotateX.dll’ 远程代码执行漏洞
Vulnerability Description
Quest InTrust 10.4.0.853版本和早期版本中存在远程代码执行漏洞,该漏洞源于对用户提供的数据未经充分的边界检查。远程攻击者可利用该漏洞在使用ActiveX控件的应用程序(典型如Internet Explorer)上下文中执行任意代码,攻击失败可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A