嚴重性: 緊急

  描述

Quest InTrust is prone to a remote code-execution vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application (typically Internet Explorer) using the ActiveX control. Failed exploit attempts will likely result in denial-of-service conditions.

  資訊暴露評比:

  解決方案

  Trend Micro Deep Security DPI Rule Name: 1004989 - Quest InTrust 'AnnotateX.dll' Uninitialized Pointer Code Execution Vulnerability

  排名前幾位的被入侵軟體:

  • Quest InTrust 10.4.0.853 and earlier