Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-4471
HistoryOct 07, 2008 - 8:00 p.m.

CVE-2008-4471

2008-10-0720:00:17
CWE-22
[email protected]
web.nvd.nist.gov
24
cve-2008-4471
directory traversal
cexpressviewercontrol
dwf viewer activex
adview.dll
remote attackers

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.1%

JSON

Directory traversal vulnerability in the CExpressViewerControl class in the DWF Viewer ActiveX control (AdView.dll 9.0.0.96), as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to overwrite arbitrary files via "…" sequences in the argument to the SaveAS method.

Affected configurations

NVD
Node
autodeskdesign_reviewMatch2009
OR
autodeskdwf_viewer
OR
autodeskrevit_architectureMatch2009sp2

Related

prion 1
cvelist 1
nvd 1
checkpoint_advisories 1
prion
prion
Directory traversal
2008-10-07 20:00:00
cvelist
cvelist
CVE-2008-4471
2008-10-07 18:27:00
nvd
nvd
CVE-2008-4471
2008-10-07 20:00:17
checkpoint_advisories
checkpoint_advisories
Autodesk LiveUpdate ActiveX Control Code Execution (CVE-2008-4471; CVE-2008-4472)
2008-11-12 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.1%

JSON
Related for CVE-2008-4471
prion1cvelist1nvd1checkpoint_advisories1