Lucene search

[email protected]CVE-2007-3660

HistoryJul 10, 2007 - 7:30 p.m.

CVE-2007-3660

2007-07-1019:30:00

[email protected]

web.nvd.nist.gov

cve-2007-3660

nonnoi

asp

barcode

activex

control

remote attackers

overwrite

files

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.8%

JSON

The Nonnoi ASP/Barcode ActiveX control (nonnoi_ASPBarcode.dll) allows remote attackers to overwrite arbitrary files via an argument to the SaveBarcode function.

Affected configurations

NVD

Node

nonnoi_solutionsasp_barcode

CPENameOperatorVersion
nonnoi_solutions:asp_barcodenonnoi solutions asp barcodeeq*

CPE	Name	Operator	Version
nonnoi_solutions:asp_barcode	nonnoi solutions asp barcode	eq	*

References

osvdb.org/42022

www.eleytt.com/advisories/eleytt_NONNOIASPBARCODE.pdf

www.securityfocus.com/archive/1/473187

www.securityfocus.com/bid/24822

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.8%

JSON

Related for CVE-2007-3660

prion1 cvelist1 nvd1