Lucene search

[email protected]CVE-2007-5320

HistoryOct 09, 2007 - 10:17 p.m.

CVE-2007-5320

2007-10-0922:17:00

CWE-22

[email protected]

web.nvd.nist.gov

security

vulnerability

pegasus imaging imagxpress 8.0

nvd

cve-2007-5320

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:P/A:P

7 High

AI Score

Confidence

Low

0.83 High

EPSS

Percentile

98.5%

JSON

Multiple absolute path traversal vulnerabilities in Pegasus Imaging ImagXpress 8.0 allow remote attackers to (1) delete arbitrary files via the CacheFile attribute in the ThumbnailXpres.1 ActiveX control (PegasusImaging.ActiveX.ThumnailXpress1.dll) or (2) overwrite arbitrary files via the CompactFile function in the ImagXpress.8 ActiveX control (PegasusImaging.ActiveX.ImagXpress8.dll).

Affected configurations

NVD

Node

pegasus_imagingimagxpressMatch8.0

CPENameOperatorVersion
pegasus_imaging:imagxpresspegasus imaging imagxpresseq8.0

CPE	Name	Operator	Version
pegasus_imaging:imagxpress	pegasus imaging imagxpress	eq	8.0

References

osvdb.org/37959

osvdb.org/37960

secunia.com/advisories/27095

shinnai.altervista.org/exploits/txt/TXT_3DQ1nIkI6zmWCek4zP5U.html

shinnai.altervista.org/exploits/txt/TXT_wfv7ZG0G6KnQlk1SieLd.html

www.securityfocus.com/bid/25948

www.securityfocus.com/bid/25949

www.vupen.com/english/advisories/2007/3388

exchange.xforce.ibmcloud.com/vulnerabilities/37012

Social References

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:P/A:P

7 High

AI Score

Confidence

Low

0.83 High

EPSS

Percentile

98.5%

JSON

Related for CVE-2007-5320

prion1 cvelist1 nvd1 checkpoint_advisories1