Lucene search

[email protected]CVE-2007-3785

HistoryJul 15, 2007 - 11:30 p.m.

CVE-2007-3785

2007-07-1523:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-3785

absolute path traversal

activex control

pgpbbox.dll

eldos secureblackbox

sbb

remote attackers

arbitrary files

savetofile method

7.3 High

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:P/A:P

0.008 Low

EPSS

Percentile

81.8%

JSON

Absolute path traversal vulnerability in a certain ActiveX control in PGPBBox.dll in EldoS SecureBlackbox (sbb) 5.1.0.112 allows remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the SaveToFile method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CPENameOperatorVersion
eldos_corporation:secureblackboxeldos corporation secureblackboxeq5.1.0.112

CPE	Name	Operator	Version
eldos_corporation:secureblackbox	eldos corporation secureblackbox	eq	5.1.0.112

References

osvdb.org/39748

www.securityfocus.com/bid/24882

exchange.xforce.ibmcloud.com/vulnerabilities/35368

7.3 High

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:P/A:P

0.008 Low

EPSS

Percentile

81.8%

JSON

Related for CVE-2007-3785

prion1