Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
UCanCode E-XD++ Visualization Enterprise Suite Untrusted Pointer Dereference RCE
Vulnerability Description
UCanCode E-XD++ Visualization Enterprise Suite contains an untrusted pointer dereference vulnerability via the TKDRAWCAD.TKDrawCADCtrl.1 ActiveX control. This is because it exposes a RotateShape method that dereferences a user-supplied pointer without sufficient validation. A crafted input may cause the control to dereference an attacker-controlled pointer, enabling remote code execution in the context of the hosting process. The vulnerability requires user interaction (instantiation of the ActiveX control via a web page or a file).
CVSS Information
N/A
Vulnerability Type
使用越界的指针偏移
Vulnerability Title
UCanCode E-XD++ Visualization Enterprise Suite 安全漏洞
Vulnerability Description
UCanCode E-XD++ Visualization Enterprise Suite是中国UCanCode公司的一个可视化开发组件。 UCanCode E-XD++ Visualization Enterprise Suite存在安全漏洞,该漏洞源于TKDRAWCAD.TKDrawCADCtrl.1 ActiveX控件中存在不受信任指针取消引用问题,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A