Remote File Overwrite Vulnerability in Quest InTrust ActiveX Control
CVE-2012-5897

Currently unrated

Key Information:

Vendor

Quest

Status
Intrust
Vendor
CVE Published:
17 November 2012

What is CVE-2012-5897?

The ARDoc ActiveX control (ARDoc.dll) in Quest InTrust versions up to 10.4.0.853 contains a vulnerability in its SimpleTree and ReportTree classes. The SaveToFile method is not properly implemented, allowing remote attackers to manipulate the bstrFileName argument. This flaw opens the door for exploitation, permitting attackers to write or overwrite arbitrary files on the affected systems. Such vulnerabilities pose significant security risks, leading to unauthorized data access and potential system compromise.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/52773
vdb-entryx_refsource_BID
http://archives.neohapsis.com/archives/bugtraq/2012-03/01...
mailing-listx_refsource_BUGTRAQ
http://www.exploit-db.com/exploits/18672
exploitx_refsource_EXPLOIT-DB

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.