Lucene search
MitreCVE-2011-5290HistoryJan 01, 2015 - 2:59 a.m.
CVE-2011-5290
2015-01-0102:59:06
CWE-264
mitre
web.nvd.nist.gov
25
cve-2011-5290
savetofile method
unibasicpack
unitextbox
activex control
idrive online backup
remote attackers
arbitrary files
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.003
Percentile
72.0%
The SaveToFile method in the UniBasicPack.UniTextBox ActiveX control in UniBasic100_EDA1811C.ocx in IDrive Online Backup 3.4.0 allows remote attackers to write to arbitrary files via a pathname in the first argument.
Affected configurations
Node
idrive_incidrive_online_backupMatch3.4.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| idrive_inc | idrive_online_backup | 3.4.0 | cpe:2.3:a:idrive_inc:idrive_online_backup:3.4.0:*:*:*:*:*:*:* |
References
Related
cvelist
cvelist
CVE-2011-5290
2015-01-01 02:00:00
prion
prion
Design/Logic Flaw
2015-01-01 02:59:00
nvd
nvd
CVE-2011-5290
2015-01-01 02:59:06
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.003
Percentile
72.0%
Related for CVE-2011-5290