Lucene search

[email protected]CVE-2009-0865

HistoryMar 10, 2009 - 2:30 p.m.

CVE-2009-0865

2009-03-1014:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2009-0865

geovision livex

activex control

directory traversal vulnerability

remote attack

nvd

8.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.3%

JSON

Directory traversal vulnerability in the SnapShotToFile method in the GeoVision LiveX (aka LiveX_v8200) ActiveX control 8.1.2 and 8.2.0 in LIVEX_~1.OCX allows remote attackers to create or overwrite arbitrary files via a … (dot dot) in the argument, possibly involving the PlayX and SnapShotX methods.

Affected configurations

NVD

Node

geovisionlivex_activex_controlMatch8.1.2.0

geovisionlivex_activex_controlMatch8.2.0.0

CPENameOperatorVersion
geovision:livex_activex_controlgeovision livex activex controleq8.1.2.0
geovision:livex_activex_controlgeovision livex activex controleq8.2.0.0

CPE	Name	Operator	Version
geovision:livex_activex_control	geovision livex activex control	eq	8.1.2.0
geovision:livex_activex_control	geovision livex activex control	eq	8.2.0.0

References

secunia.com/advisories/33969

www.securityfocus.com/bid/33782

exchange.xforce.ibmcloud.com/vulnerabilities/48773

www.exploit-db.com/exploits/8059

8.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.3%

JSON

Related for CVE-2009-0865

nvd1 prion1 cvelist1