Lucene search

[email protected]CVE-2008-4749

HistoryOct 27, 2008 - 8:00 p.m.

CVE-2008-4749

2008-10-2720:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

vimpx

vimpax

activex control

vulnerability

overwrite

arbitrary files

remote attackers

logfile

clearlogfile

savetofile

nvd

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

79.1%

JSON

Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allow remote attackers to overwrite arbitrary files via (1) the LogFile property and ClearLogFile method, and (2) the SaveToFile method.

CPENameOperatorVersion
db_soft_lab:vimp_xdb soft lab vimp xeq4.8.8.0

CPE	Name	Operator	Version
db_soft_lab:vimp_x	db soft lab vimp x	eq	4.8.8.0

References

securityreason.com/securityalert/4509

www.securityfocus.com/bid/31907

exchange.xforce.ibmcloud.com/vulnerabilities/46096

www.exploit-db.com/exploits/6828

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.006 Low

EPSS

Percentile

79.1%

JSON

Related for CVE-2008-4749

prion1 cvelist1