Lucene search

[email protected]CVE-2007-4067

HistoryJul 30, 2007 - 5:30 p.m.

CVE-2007-4067

2007-07-3017:30:00

[email protected]

web.nvd.nist.gov

cve-2007-4067

absolute path traversal

vulnerability

clinetsuitex6

clwebdav

activex

control

clever internet activex suite

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.7%

JSON

Absolute path traversal vulnerability in the clInetSuiteX6.clWebDav ActiveX control in CLINETSUITEX6.OCX in Clever Internet ActiveX Suite 6.2 allows remote attackers to create or overwrite arbitrary files via a full pathname in the second argument to the GetToFile method. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

clever_componentsinternet_activex_suiteRange≤6.2

CPENameOperatorVersion
clever_components:internet_activex_suiteclever components internet activex suitele6.2

CPE	Name	Operator	Version
clever_components:internet_activex_suite	clever components internet activex suite	le	6.2

References

secunia.com/advisories/26213

www.attrition.org/pipermail/vim/2007-July/001729.html

www.securityfocus.com/bid/25063

www.vupen.com/english/advisories/2007/2659

exchange.xforce.ibmcloud.com/vulnerabilities/35590

www.exploit-db.com/exploits/4226

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

High

0.047 Low

EPSS

Percentile

92.7%

JSON

Related for CVE-2007-4067

prion1 cvelist1 nvd1