Lucene search

[email protected]CVE-2007-3076

HistoryJun 06, 2007 - 10:30 a.m.

CVE-2007-3076

2007-06-0610:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

activex

sasatl.dll

zenturi programchecker

remote attackers

arbitrary files

security vulnerability

7.1 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.034 Low

EPSS

Percentile

91.4%

JSON

A certain ActiveX control in sasatl.dll in Zenturi ProgramChecker allows remote attackers to download arbitrary files to the client system via the DownloadFile function.

CPENameOperatorVersion
zenturi:zenturi_programcheckerzenturi zenturi programcheckereq*

CPE	Name	Operator	Version
zenturi:zenturi_programchecker	zenturi zenturi programchecker	eq	*

References

moaxb.blogspot.com/2007/05/moaxb-30-zenturi-programchecker-activex.html

osvdb.org/36046

secunia.com/advisories/25468

www.securityfocus.com/bid/24377

www.vupen.com/english/advisories/2007/2000

7.1 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.034 Low

EPSS

Percentile

91.4%

JSON

Related for CVE-2007-3076

cvelist1 prion1 nessus1