Lucene search

[email protected]CVE-2009-0301

HistoryJan 27, 2009 - 8:30 p.m.

CVE-2009-0301

2009-01-2720:30:05

[email protected]

web.nvd.nist.gov

cve-2009-0301

flexcell grid control

activex

vulnerabilities

remote attackers

arbitrary files

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.6%

JSON

Multiple insecure method vulnerabilities in the FlexCell.Grid ActiveX control (FlexCell.ocx) in FlexCell Grid Control 5.6.9 allow remote attackers to create and overwrite arbitrary files via the (1) SaveFile and (2) ExportToXML methods.

Affected configurations

NVD

Node

grid2000flexcell_grid_controlMatch5.6.9

CPENameOperatorVersion
grid2000:flexcell_grid_controlgrid2000 flexcell grid controleq5.6.9

CPE	Name	Operator	Version
grid2000:flexcell_grid_control	grid2000 flexcell grid control	eq	5.6.9

References

secunia.com/advisories/33664

www.securityfocus.com/bid/33453

www.exploit-db.com/exploits/7868

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.6%

JSON

Related for CVE-2009-0301

prion1 cvelist1 nvd1 nessus1