Multiple insecure-method vulnerabilities in the SimpleTree and ReportTree classes in the ARDoc ActiveX control (ARDoc.dll) in Quest InTrustID: oval:org.secpod.oval:def:7975 | Date: (C)2012-11-22 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
The host is installed with Quest InTrust 10.0 through 10.4.0.853 and is prone to multiple insecure-method vulnerabilities. The flaws are present in the application, which fails to properly implement the SaveToFile method. Successful exploitation allows remote attackers to write or overwrite arbitrary files via the bstrFileName argument.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |