Absolute path traversal vulnerability in a certain ActiveX control in Zune allows user-assisted remote malicious users to overwrite arbitrary files via the SaveToFile method. NOTE: the victim must explicitly allow the code to run.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft zune software |