Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HandySoft ActiveX File Download and Execution Vulnerability
Vulnerability Description
hslogin2.dll ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. This is due to a lack of integrity verification of the policy files referenced in the update process, and a remote attacker could induce a user to crafted web page, causing damage such as malicious code infection.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
缺失完整性检查支持
Vulnerability Title
hslogin2.dll ActiveX Control 安全漏洞
Vulnerability Description
HandySoft hslogin2.dll ActiveX Control是HandySoft公司的一个组件。 hslogin2.dll ActiveX Control 6.7.8.4及之前版本和7.3.4及之前版本(Groupware)存在安全漏洞,该漏洞源于程序没有对策略文件进行完整性检查。攻击者可利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A